Design and Delivery of Undergraduate IT Security Management Course

  • Jemal H. Abawajy
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)


Information technology has become the core tool of business organisations’. External and internal threats as well as legal, regulatory and contractual compliance requirements are all combining to make effective information security a key information technology management challenges. This paper describes an undergraduate information technology security management course that provides comprehensive knowledge and skills necessary to manage both strategic and operational aspects of information security. The course covers a broad range of managerial topics in information technology security and makes use of a number of security tools and techniques to complement the theory taught. In this paper, we describe our approach, our experiences and lessons learned for teaching information technology security management course. The paper details the content of the course and outlines how it is taught and assessed.


Information security management curriculum development Information Security Manager job analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Sharma, S.K., Sefchek, J.: Teaching information systems security courses: A hands-on Approach. Computers and Security 26(4), 290–299 (2007) Google Scholar
  2. 2.
    Crowley, E.: Information system security curricula development. In: Proceedings of the 4th conference on Information technology curriculum, pp. 249–255 (2003) Google Scholar
  3. 3.
    Turnbull, N.: From the preface of the book IT Governance: A Manager’s Guide to Data Security & BS 7799/ISO 17799 Google Scholar
  4. 4.
    Bishop, M.: Introduction to Computer Security. Addison-Wesley Professional, Reading (2004) Google Scholar
  5. 5.
    Steele, G., Stojkovic, V.: An Information System Security Course for the Undergraduate Information Systems Curriculum. Information Systems Education Journal 2(3), 3–14 (2004) Google Scholar
  6. 6.
    Shing, M.-L., Shing, C.-C., Chen, K.L., Lee, H.: Issues in information security curriculum: collaborative learning and team teaching. International Journal of Innovation and Learning 4(5), 516–529 (2007) Google Scholar
  7. 7.
    Teaching IT security Computer Fraud & Security, vol. 2008(3), p. 10 (March 2008) Google Scholar
  8. 8.
    Mubarak, S.: A Critical Analysis on Theoretical Perspectives of Teaching Information Security in Tertiary Education. In: 18th Australasian Conference on Information Systems, pp. 844–847 (2007) Google Scholar
  9. 9.
    Ramsden, P.: Learning to teach in higher education. Routledge, London (2003) Google Scholar
  10. 10.
    Jensen, B.K., Cline, M., Guynes, C.S.: Teaching the undergraduate CS Information Security Course. ACM SIGCSE Bull. 38(12), 61–63 (2006) Google Scholar
  11. 11.
    Theoharidou, M., Gritzalis, D.: Common Body of Knowledge for Information Security. IEEE Security & Privacy 5(2), 64–67 (2007) Google Scholar
  12. 12.
    Crowley, E.: Information System Security Curricula Development. In: Proc. 4th Conf. IT Curriculum, pp. 249–255. ACM Press, New York (2003) Google Scholar
  13. 13.
    Morneau, K.: Designing an Information Security Program as a Core Competency of Network Technologists. In: Proc. 5th Conf. IT Education, pp. 29–32. ACM Press, New York (2004) Google Scholar
  14. 14.
    Kim, K.-Y., Surendran, K.: Information Security Management Curriculum Design: A Joint Industry and Academic Effort. Journal of Information Systems Education 13(3), 227–236 (2002) Google Scholar
  15. 15.
    McKenzie, W., Murphy, D.: I hope this goes somewhere: Evaluation of an online discussion group. Australian Journal of Education Technology 16(3), 239–257 (2000) Google Scholar
  16. 16.
    Hsu, C., Backhouse, J.: Information Systems Security Education: Redressing the Balance of Theory and Practice. Journal of Information Systems Education 13(3), 211–217 (2002) Google Scholar
  17. 17.
    Harley, S.: Situated Learning and Classroom Instruction. Educational Technology, 46–51 (1993) Google Scholar
  18. 18.
    Anderson, J., et al.: Situated Learning and Education. Educational Research 25(4), 5–11 (1996) Google Scholar
  19. 19.
    Purao, Sandeep: Hyper-Link Teaching and Intelligent Slides: Complementary Strategies To Foster Active Learning. Journal of Education for MIS 5(1), 63–78 (1998) Google Scholar
  20. 20.
    Mckinney Jr., E.H., Yoos II, C.J.: The One School Roomhouse: An Information and Learning Approach to Curriculum Integration. Journal of Management Education 22(5), 618–636 (1998) Google Scholar
  21. 21.
    Logan, P.Y.: Crafting an Undergraduate Information Security Emphasis Within Information Technology. Journal of Information Systems Education 13(3), 177–182 Google Scholar
  22. 22.
    Skills Gaps in the World’s IT Workforce, The Computing Technology Industry Association Inc. (February 2008), Google Scholar
  23. 23.
    Suydam, M.: Tapping the Security Job Market. Information Security, pp. 40–44 (October 1999) Google Scholar
  24. 24.
    Samavedham, L.: Teaching Students to Think: A Matter Google Scholar
  25. 25.
    USA Presidential’s National Plan for Information Systems Protection, Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Jemal H. Abawajy
    • 1
  1. 1.School of Engineering and Information TechnologyDeakin UniversityAustralia

Personalised recommendations