Security Management Dynamics
2011-2012 - IMT4661 - 5sp

Forventet læringsutbytte

Having completed the course, the students will be able to:

Understand the dynamics challenges to implement security standards (the ISO 27000 family) in organizations
Analyze security management challenges as a systemic problem involving technology, organization, human factors and incentives
Create causal maps and develop models of dynamic systems of moderate size of relevance for information security
Verify and validate the models, simulate scenarios and test policies.
Assess which policies are good and bad, which are robust and whether they are realistic.
Understand challenges that are due to dynamic complexity, such as policy resistance, i.e. the tendency for complex dynamic systems to react in a way that defeats well-meant policies that do not consider unintended side effects.

Foundations – Security standards from the perspective of change and dynamics
Introduction to qualitative system dynamics: Causal loop diagrams; System archetypes
Modelling security management dynamics using system archetypes and causal loop diagrams
Introduction to quantitative system dynamics: Causal structure and dynamic behaviour. Introduction to stocks and flows. Time delays.
Basic system dynamics models of security management.

Forelesninger
Oppgaveløsning
Prosjektarbeid

Web-enabled course with forum

Flervalgstest(er)
Vurdering av prosjekt(er)

Bokstavkarakterer, A (best) - F (ikke bestått)

Evaluated by the lecturer

The whole course must be repeated.

The course requires active participation in projects – both in class and outside class.

Hands-on modelling exercises during class are best carried out in computer lab.

Students are encouraged to bring laptops to the classroom.

Literature:

Maani, Kambiz E.; Cavana, Robert Y. Systems Thinking And Modelling. Pearson Education. 9781877371035.

Lectures, exercises and projects by Jose J. Gonzalez in Classfronter

IMT4111 Sikkerhetsledelse