Course Title Course Code Program Level
Information Security Standards and Architectures MYG248 Informatics Security Technology Associate Degree

Course Term
(Course Semester)
Teaching and Learning Methods
Theory Practice Lab Projects/Field Work Seminars/Workshops Other Total Credits ECTS Credits
42 0 0 36 42 120 3 5

Teaching Staff Öğr. Gör. İlayda YAĞ
Language of Instruction Türkçe (Turkish)
Type Of Course Compulsory
Prerequisites Non
Recommended Optional Programme Component
Course Objectives Ability to plan to create an information security architecture, with a knowledge of information security standards.
Course Content Procedures and security architecture development methods of ISO 27001, one of the information security standards
Learning Outcomes (LO) 1. Mastering ISO 27001 standards and information security architecture procedures 2. To learn the conditions necessary for an institution or organization to comply with information security standards 3. To know the steps of building an information security architecture in an institution or organization 4. To have the knowledge to train on information security awareness
Mode of Delivery Face to face
Course Outline
Week Topics
1. Week Basics of information security
2. Week What is the ISO / IEC 27001 Standard
3. Week Conditions and steps of obtaining ISO / IEC 27001 certification
4. Week ISO / IEC 27001 Procedures
5. Week Information Security Management System (ISMS) Processes
6. Week Planning and Creating Information Assets Inventory
7. Week Risk Analysis Studies
8. Week Midterm
9. Week SOA (State of Applicability) and Documentation Studies
10. Week Sample Documents
11. Week Implementation of Controls and Procedures
12. Week Implementation of Internal Inspections
13. Week Taking Precautions - Corrective Actions
14. Week Final exam
Mid-term (%) 40
Quizes (%)
Homeworks/Term papers (%) 20
Practice (%)
Labs (%)
Projects/Field Work (%)
Seminars/Workshops (%)
Final (%) 40
Other (%)
Total(%) 100
Course Book (s) and/or References Çubukçu, F. (2018). Bilgi Güvenliği Yönetim Sistemi: ISO 27001: 2013 uygulama kılavuzu. İstanbul: Pusula. Siponen, M. (2006). Information security standards focus on the existence of process, not its content. Communications of the ACM, 49(8), 97-100.
Work Placement(s)
The Relationship between Program Qualifications (PQ) and Course Learning Outcomes (LO)