Information is a vital organisational asset. Information systems store, process and exchange information, and most economic sectors are dependent on electronic and automated systems. Interconnectivity is important for many organisations, but this also increases the exposure to adverse events, necessitating the need for thorough information security management.

This unit builds upon fundamental information security concepts, including the management of information systems that affect organisational information security: identity management, authentication, access control, monitoring, risk management, incident response and disaster recovery.