Introduction to Information Security

Study:	Civil Law - 9. semester Commercial Law - 9. semester Constitutional-Administrative - 9. semester Criminal Law - 9. semester International Law - 9. semester The European Union Law - 9. semester
Code:	127647
ECTS:	4.0
Course coordinators:	Dražen Dragičević izv. prof. dr. sc. Tihomir Katulić
Lecturers:	izv. prof. dr. sc. Nina Gumzej - Lectures izv. prof. dr. sc. Marko Jurić - Lectures izv. prof. dr. sc. Hrvoje Lisičar - Lectures
Exam dates:	26. 06. 2023. 10. 07. 2023. 28. 08. 2023. 11. 09. 2023. Exam registration: Studomat

Literature:

Michael Whitman, Herbert Mattord; Principles of Information Security; Cengage Learning (2014), str. [object Object]
Barry Kouns, Jake Kouns; The Chief Information Security Officer; IT Governance Publishing (2011), str. [object Object]
Serge Gutwirth, Yves Poullet, Paul de Hert; Data Protection in a Profiled World; Springer Science Business Media (2010), str. [object Object]
David I. Bainbridge; Introduction to Information Technology Law; Pearson Education (2007), str. [object Object]

Description:

Within this course students will acquire fundamental understanding of information security and specific knowledge regarding legal, technical and organizational framework of information security in the digital domain. Students will be given insight into the quandaries of legal regulation of information security and relevant technology as well as industrial standards of information security on an European and global level. Through this course students will develop ability to critically understand, analyze and apply the legal framework of information security both in Croatian legal system and the EU and the USA.

Cognitive Skills:

Knowledge and understanding

After successfully completing the course, students will be able to:

- define information security,

- indicate methods and approaches to protection of information systems and data,

- explain security risks in the environment of information technology,

- explain institutional and regulatory framework of information security,

- indicate legal solutions from domestic and comparative legislation.

Application

After successfully completing the course, students will be able to:

- apply legal regulations about information security,

- use acquired knowledge in order to provide a better interpretation of the data protection,

- conduct research about efficiency of protection of information security and application of legislative self-regulatory standards,

- use acquired knowledge to ensure a high level of security of business information systems

Analysis

After successfully completing the course, students will be able to:

- connect the influence of high technologies on information security,

- indicate vulnerabilities of information systems

- examine procedures within business environment which can lead to vulnerability

- indicate standards of information security

- analyse legislative framework of information security

- analyse self-regulatory and institutional framework of information security

Synthesis

After successfully completing the course, students will be able to:

- propose legislative solutions for the purpose of better regulation

- pšpropose application of individual methods to realise a higher level of security

- formulate security policy

- propose changes in the existing institutional framework

Evaluation

After successfully completing the course, students will be able to:

- examine procedures and manner of regulation of information security

- compare legal regulation of information security in the Republic of Croatia, EU and other legal orders

- compare the institutional framework

Practical and Generic Skills:

After successfully completing the course, students will be able to:

- publicly present learning outcomes

- express themselves in a clear, well structured text explaining their standpoints,

- develop communication skills.

- develop presentation skills

- develop the ability of data analysis

- develop the ability of finding and selecting relevant data

- develop the ability of team work

Matching Assessments to Learning Outcomes:

Oral examination will be used for testing learning ouitcomes.

Oral examination comprises testing of theoretical knowledge from the area of legal regulation of information security, knowledge about legal regulation and regulatory framework, understanding the work of institutions and bodies with regard to protection of information security, knowledge about the most important results of self-regulation, industrial standards of information security, the ostructure of state information infrastructure, the development, implementation and assessment of the information security policy.

Consultations schedule:

izv. prof. dr. sc. Nina Gumzej:
Fridays at 8 am upon prior e-mail announcement
Location: Ćirilometodska 4, room 55/II
izv. prof. dr. sc. Marko Jurić:
Tuesdays, 9-10am
Location: Trg Republike Hrvatske 3, room 39

Lecturer in charge	Consultations	Location
Dražen Dragičević
izv. prof. dr. sc. Tihomir Katulić		Gundulićeva 10, room br. 7

Lecturer	Consultations	Location
izv. prof. dr. sc. Nina Gumzej (Lectures)	Fridays at 8 am upon prior e-mail announcement	Ćirilometodska 4, room 55/II
izv. prof. dr. sc. Marko Jurić (Lectures)	Tuesdays, 9-10am	Trg Republike Hrvatske 3, room 39
izv. prof. dr. sc. Hrvoje Lisičar (Lectures)		Gundulićeva 10, room Gundulićeva 10, soba Gundulićeva 10, soba 7

Literature
Michael Whitman, Herbert Mattord; Principles of Information Security; Cengage Learning (2014), str. [object Object]
Barry Kouns, Jake Kouns; The Chief Information Security Officer; IT Governance Publishing (2011), str. [object Object]
Serge Gutwirth, Yves Poullet, Paul de Hert; Data Protection in a Profiled World; Springer Science Business Media (2010), str. [object Object]
David I. Bainbridge; Introduction to Information Technology Law; Pearson Education (2007), str. [object Object]