The course provides an overview of the concepts and technologies, management and legal issues for the protection of data during processing, storage and transmission. It is important that information security requirements be understood at the organizational level; appropriate information security policy be derived; cost-effective information security solution be planned and deployed; and evidence to auditors be provided on how well an organization has performed when required.

For a student to pass the course, at least 30% of the maximum mark for the examination must be obtained.