Security as Continuous Improvement
2010-2011 - IMT4651 - 5sp

Forutsetter bestått

IMT4661 - Security Management Dynamics

Forventet læringsutbytte

Already the BS7799/ISO17799 standards encouraged viewing security as quality improvement. Some years later and after the extensions to the ISO27000 family, security as a continuous improvement process is not yet a mainstream activity.

The emphasis of this course is on identifying the systemic obstacles in the implementation path of continuous improvement of processes (“the quality improvement paradox”). Then, to apply this insights to redesign security management to achieve continuous improvement.

Emnets temaer

The quality improvement paradox

Security and quality improvement processes

Improving the Performance of Computer Security Incident Response Teams (CSIRTs)

Incident reporting systems and Learning from incidents

Security risks in the transition to Integrated Operations

Security-dependent safety. Continuous improvement of security in Critical Infrastructure

Pedagogiske metoder


Pedagogiske metoder (fritekst)

Web-enabled course with forum


Vurdering av prosjekt(er)


  • Two multiple choice exams counting each 15%
  • Two individual projects (papers) counting each 35%
  • Each part must be individually approved of


Bokstavkarakterer, A (best) - F (ikke bestått)


Evaluated by the lecturer

Utsatt eksamen (tidl. kontinuasjon)

The whole subject must be repeated

Obligatoriske arbeidskrav

The course requires active participation in projects – both in class and outside class.

Hands-on modelling exercises during class are best carried out in computer lab.

Students are encouraged to bring laptops to the classroom.


Written material will be given/sent to the students during the semester.