TU Delft
Education Type
Education print this page print this page     
2013/2014 Delft Top Tech Master Customs & Supply Chain Compliance (TBM)
Information Security
Responsible Instructor
Name E-mail
Prof.dr.ir. J. van den Berg    J.vandenBerg@tudelft.nl
Course Coordinator
Name E-mail
Dr. J. Hulstijn    J.Hulstijn@tudelft.nl
Contact Hours / Week x/x/x/x
Education Period
Different, to be announced
Start Education
Exam Period
Different, to be announced
Exam by appointment
Course Language
Expected prior knowledge
Basic understanding of computer networks and internet technology. In particular, we recommend that you have read:
J. Glenn Brookshear (2009), Computer Science: an Overview, 10th edition, in particular Chapter 1 and 4, and know TCP/IP.
Course Contents
This course is about the basic concepts of information security. Topics are: risk analysis, information security management, cryptography, trust, protection of privacy sensitive data, the quality aspects confidentiality, integrity and availability and auditability, as well as security standards and best practices: ISO 2700x, ITIL, COBIT, SOX, SAS 70. We view information security from a management and organizational perspective. By investigating case studies we will also deal with technical aspects. We will practise the assessment of information systems for compliance (IT Audit skills).
Study Goals
By the end of the course, the student
- has acquired sufficient knowledge and expertise of relevant organisational, procedural and technical information security measures, for securing an information chain (knowledge),
- can perform a risk analysis of a specific system (skill),
- can set up and execute a limited information security assessment (IT audit skills)
- has developed a critical attitude, and is aware of the importance of a well founded opinion on information security
Education Method
Lectures, discussions, audit assignments
Literature and Study Materials
- ISACF. (2007). Control Objectives for Information and related Technology (COBIT 4.1): Information Systems Audit and Control Foundation.

- ISO/IEC. (2005). ISO/IEC 27001:2005 - Information technology - Security techniques ‐ Information security management systems - Requirements: International Organization for Standardization Additional

- various online papers
- written exam
- take-home assignment: how to design and assess a security system