You are viewing information for England.  Change country.

Information security

Whether in the public or private sector, it is the value invested in the information assets of a modern organisation that underpins its effectiveness and drives its profitability. In this online module, you’ll explore the skills necessary to understand, document, manage and implement strategic and operational aspects of your organisation's information security. You’ll study topics in information security risk assessment and management, as well as professionalism, home information security, and information security research. By studying this module, you'll better understand your organisation's information security requirements, developing your ability to deliver a fit-for-purpose information security management system.

Vocational relevance

By studying this module you will learn how to craft a fit-for-purpose Information Security Management System for an organisation with which you are familiar. As such you will be interacting with other people in your organisation and this may help to raise your profile.

Qualifications

M811 is a compulsory module in our:

M811 is an optional module in our:

This module can also count towards M03, which is no longer open to new students.

Postgraduate Loans

If you study this module as part of an eligible qualification, you may be eligible for a Postgraduate Loan. For more information, see Fees and funding.

Excluded combinations

Sometimes you will not be able to count a module towards a qualification if you have already taken another module with similar content. To check any excluded combinations relating to this module, visit our excluded combination finder or check with an adviser before registering.

Module

Module code
M811
Credits

Credits

  • Credits measure the student workload required for the successful completion of a module or qualification.
  • One credit represents about 10 hours of study over the duration of the course.
  • You are awarded credits after you have successfully completed a module.
  • For example, if you study a 60-credit module and successfully pass it, you will be awarded 60 credits.
30
Study level

Across the UK, there are two parallel frameworks for higher education qualifications, the Framework for Higher Education Qualifications in England, Northern Ireland and Wales (FHEQ) and the Scottish Credit and Qualifications Framework (SCQF). These define a hierarchy of levels and describe the achievement expected at each level. The information provided shows how OU postgraduate modules correspond to these frameworks.

OU Postgraduate
SCQF 11
FHEQ 7
Study method
Distance learning
Find out more in Why the OU?
Module cost
See Module registration
Entry requirements

Find out more about entry requirements.

Request your prospectus

Explore our subjects and courses.

Request your copy today

What you will study

In today’s high technology environment, organisations are becoming more and more dependent on their information systems. The public is increasingly concerned about the proper use of information, particularly personal data. The threats to information systems from criminals and terrorists are increasing. Many organisations will identify information as an area of their operation that needs to be protected as part of their systems of internal control’ (Nigel Turnbull, from the preface of the book IT Governance: A Manager’s Guide to Data Security BS 7799/ISO 17799).

Taking a practice-based approach based upon an organisation you are familiar with, this module provides the foundational knowledge, understanding, analysis and synthesis that you need to develop a practical information security management system, to the standard set by the ISO 27000 family of standards (particularly 27001 and 27002). You will also acquire the personal development skills that you need to keep abreast of important development in a rapidly developing field.

The module is structured into strands. The main strand has three independent units written to support and extend the module book.

An introduction to information security

You will begin by learning about the current requirements on, and the incentives for, organisations to implement information security. Next, you will study the foundations of the subject, learning to identify and value information as an organisational asset. The protection of information assets is the subject of the British standards, around which this module is based. This unit outlines the processes required to satisfy the requirements of these standards.

Information security risk assessment

This unit places in context the issues involved in information security risk assessment, as required by the standard. You will examine the risks that may arise in all relevant aspects of an organisation's operations, including human factors, ecommerce, web services and systems development. You will learn how to conduct a systematic risk assessment that leads to a prioritised list of information security risks for an organisation, and the requirements for their treatment.

The unit concludes with an assignment in which you will carry out a risk assessment for your chosen organisation, based on the information contained in the British standards and the module book.

Information security risk management

In this unit you will complete your study of the development of a fit-for-purpose information security management system through the management of information security risks. You will learn how to be systematic in the choice of controls that treat specific risks, and how to produce the documentation required by the relevant British standards. You’ll fully explore the technologies that underpin the standard's controls, and complete the unit by considering the topic of planning for when things do go wrong.

The other strands cover professionalism, home information security, information security research, and exploring the leading edge of information security.

This module makes extensive use of videos, podcasts, blogs and other web resources to support your learning. At the end of the module you will be required to carry out some independent research into an issue in information security management, analysing and evaluating the results of your research for presentation in the end-of-module assessment.

The module is based on the current version of the Information Security standard against which an Information Security Management System would be assessed.

Teaching and assessment

Support from your tutor

You will have a tutor who will be responsible for monitoring your progress on the module, marking and commenting on your written work and whom you can contact for advice and guidance.

Contact us if you want to know more about study with The Open University before you register.

Assessment

The assessment details can be found in the facts box above.

You must use the online eTMA system to submit your tutor-marked assignments (TMAs). The end-of-module assessment (EMA) must also be submitted online.

Course work includes

3 Tutor-marked assignments (TMAs)
End-of-module assessment
No residential school

Course satisfaction survey

See the satisfaction survey results for this course.

Future availability

Information security (M811) starts once a year – in November. This page describes the module that will start in November 2018. We expect it to start for the last time in November 2021.

Regulations

As a student of The Open University, you should be aware of the content of the academic regulations which are available on our Essential Documents website.

    Entry requirements

    It is expected that you will hold a bachelors degree (or equivalent) in computing or a related discipline, or alternatively have at least three years relevant industry experience.

    Your spoken and written English must be of an adequate standard for postgraduate study. If English is not your first language, we recommend that you will need a minimum overall score of 6 and minimum score of 5.5 in each of the four components: reading, writing, speaking and listening under the International English Language Testing System (IELTS). Please see the IELTS website for details.

    If you have any doubt about the suitability of the module, please speak to an adviser.

    Outside the UK

    The basis of this module is the ISO 27000 family of standards on Information Security, which are relevant internationally. The module covers the legislation and regulatory frameworks from the UK and the US: outside of these locations you may require additional study to discover local legislation and regulations.

    Register

    Start End England fee Register
    01 Nov 2018 Apr 2019 £1360.00

    Registration closes 11/10/18 (places subject to availability)

    Register
    This module is expected to start for the last time in November 2020.

    Future availability

    Information security (M811) starts once a year – in November. This page describes the module that will start in November 2018. We expect it to start for the last time in November 2021.

    Additional costs

    Study costs

    There may be extra costs on top of the tuition fee, such as a laptop, travel to tutorials, set books and internet access.

    Ways to pay

    We know there’s a lot to think about when choosing to study, not least how much it’s going to cost and how you can pay.

    That’s why we keep our fees as low as possible and offer a range of flexible payment and funding options. To find out more see Fees and funding.

    Study materials

    What's included

    This module is only presented online - there are no printed materials.

    All the study materials will be available from the module website including: details of how to download and install Nessus software; three units of core texts; the continuous assessment; the end-of-module assessment and exercises and podcasts to support the teaching.

    In addition you will have access to download your own copy of the module book - IT Governance: An International Guide to Data Security and ISO27001/ISOO27002.

    You will need

    The Nessus web-based user interface is best experienced using one of the following web browsers: Microsoft Internet Explorer 9 or 10, Mozilla Firefox 15.x, Google Chrome 16.x, Opera 12.x, or Apple Safari 5.x.

    Some of the web activities in this module use the HTML 5 system.  In order to display this you will need Internet Explorer 9, the latest version of Firefox or Chrome or other modern HTML 5 compliant browser.  If you have a computer with a Windows XP operating system, you will need to install Firefox or Chrome or other modern HTML 5 compliant browser for these activities, as you cannot use Internet Explorer 8.

    Computing requirements

    A computing device with a browser and broadband internet access is required for this module.  Any modern browser will be suitable for most computer activities. Functionality may be limited on mobile devices.

    Any additional software will be provided, or is generally freely available. However, some activities may have more specific requirements. For this reason, you will need to be able to install and run additional software on a device that meets the requirements below.

    A desktop or laptop computer with either:

    • Windows 7 or higher
    • macOS 10.7 or higher

    The screen of the device must have a resolution of at least 1024 pixels horizontally and 768 pixels vertically.

    To participate in our online-discussion area you will need both a microphone and speakers/headphones. 

    Our Skills for OU study website has further information including computing skills for study, computer security, acquiring a computer and Microsoft software offers for students. 

    If you have a disability

    The materials for this module are provided as a series of web pages via the module website and should be accessible using screen readers. You will be required to interact with Nessus software which is 508 compliant; Section 508 was enacted to eliminate barriers in information technology, to make available new opportunities for disabled people, and to encourage development of technologies that will help achieve these goals.

    Figure descriptions of any diagrams will be provided along with transcripts of any audio material and printable versions of the online text based material. Some online material may not be available or fully accessible using a screen reader (and mathematical and scientific materials may be particularly difficult to read in this way). Alternative formats of the study materials may be available in the future.

    If you have particular study requirements please tell us as soon as possible, as some of our support services may take several weeks to arrange. Find out more about our services for disabled students.