Information Systems Security Management

Information security management terms and concepts. Security Planning: Approaches and Risk Analysis. Risk analysis methods and software tools (CRAMM, OCTAVE, SBA analysis). Security governance standards. Frameworks, guidelines and certifications for security management (ISO 27001, ISO 27002, NIST SP 800-30, etc.). Information Systems Security Auditing. Security policies. Information security incident management. Planning for incident management and security incident handling steps. Business continuity and disaster recovery. Information security awareness. The General Data Protection Regulation. Privacy impact assessment for data protection. Methods and software tools for implementing privacy impact analysis. Information security measurement.

1. “Ασφάλεια Πληροφοριακών Συστημάτων”, Σωκρ. Κάτσικας, Δ. Γκρίτζαλης, Στεφ. Γκρίτζαλης, Εκδόσεις ΝΕΩΝ ΤΕΧΝΟΛΟΓΙΩΝ, ISBN 960-8105-57-9, 2004
2. “Ασφάλεια ασυρμάτων και κινητών δικτύων επικοινωνιών”, Καμπουράκης Γ., Γκρίτζαλης Στεφ., Κάτσικας Σωκρ. Κ., Εκδόσεις Παπασωτηρίου, ISBN 978-960-7530-81-3, 2006