Skip to main content Skip to navigation

Information Security Management

Learn to:
  • Adopt a responsible attitude to the social and ethical consequences that flow from professional engagement in security management
  • Develop and evaluate the overall coherence of an organisation's approach to cyber security management

Why is this important?

All organisations have information that they value, and that value needs protecting, and within an organisation, certain individuals will carry formal responsibility for protecting that value. Ensuring that the responsible persons within an organisation have appropriate confidence in the security measures, which are protecting the organisation's valuable information, is the realm of information security management.

Some information will be special secret knowledge that gives the organisation competitive advantage; if that information leaks to a competitor, then its value is reduced. Some information may control the organisation's processes; if this controlling information is changed, then its value may be reduced since it causes the organisation to behave less well. Some information may relate to external perception of the organisation's ability to function; if external parties perceive this publicity information is not under the control of the organisation, then future opportunities for the organisation may be degraded through loss of trust.

Determining the relationship between the properties of information that give it value, the vulnerability of those properties to degradation, threats that might take advantage of the vulnerability to degradation, and the resultant impact to the organisation when bad things happen, is the realm of information risk management. Things can be done to reduce the vulnerability, the threat, or the severity of the impact. These things enhance information security.


Information security management is about having the strategy, policy, processes, behaviours, and technology, in place and coherently supporting each other.

Module content will cover:

  • policy, strategy, awareness and audit
  • legal and regulatory environment

Delivery and assessment

10 half-day sessions will be regularly spaced across Year 2. Within each half day session, there will be a mix of lecture, tutorial and practical activity.

Assessment is 100% coursework for this module.

Essential information

Entry Requirements
A level: AAB (STEM subjects preferred)
IB: 36 points (STEM subjects preferred), with a minimum of 4 in English


Degree of Bachelor of Science (BSc)

3 years full time (30 weeks per academic year)

Tuition fees
Find out more about fees and funding

How to apply Undergraduate admissions