General Engineering Program
General Data
Academic program General Engineering Program :
Type d'EC Classes (LIIAem08EBaseSI)
Lectures : 15h00
Tutorials : 2h00
Lab Work : 4h00
Total duration : 27h00
Status :
Period :
ACADEMIC SEMESTER
Education language :
French/English
Learning Outcomes
This course consists of a lecture, tutorials and practical work. The skills developed are grouped into 3 major groups:
C5- Understanding the issues of the information system from the point of view of the customer project manager
- Understand the notion of information system and its main interests
- Identify the software components involved in the construction of an enterprise information system
- Identify the different stages of deployment for a company
- Modelize the information system (process, life cycle, architecture)
C6- Estimate risks and take them into account
- Implement a simple risk analysis methodology (principle, methods, safety and models, quality, risk treatment)
- Identify the IS threats and the associated safeguarding measures (accidental or deliberate threats, hackers, attacks, countermeasures)
- Recognize a "social engineering" attack (types of implementation, countermeasures)
C7- To understand the concepts related to the implementation of a security policy
- Identify the principles of the implementation of a information security policy - ISP (holistic security, management, perimeter of confidence of the company, outsourcing)
- Master the processes of a security policy to participate in its implementation (ISP, methods, link with quality)
- Distinguish the actors from the implementation of the security policy and identify their legal responsibilities (CIO, ISSO, DPO, Business Departments, project team, civil and criminal responsibilities)
Content
- Introduction (objectives, stakes for the engineer)
- History of information systems (IS)
- The information system:
- Urbanization and interoperability (principles of urbanization, criteria of interoperability)
- Governance (different organizations, strategic issues, maturity of the IS)
- IS modeling (cartography, BPMN)
- Technological components
- application components (HTTP, XML, HTML, LDAP / Directories, Databases)
- Hardware Architecture (processors, storage, system rooms)
- Software Architecture (operating system, process management, memory management)
- Backup and Archiving (issues, current technologies)
- Virtualization and cloud computing (general principle)
- Standard software offer (software families, selection criteria, publishers' economic models)
- Information system security
- Security Policy (document, methods, WSIS)
- Actors of the IS and the ISP (CIO, ISSO, DPO, professions, external organizations, geopolitics)
- Risk Management (general principle, identification, risk management methods, countermeasures)
Pre-requisites / co-requisites
Networks basics
Database modeling basics
Quality main concepts
Bibliography
http://www.ssi.gouv.fr/fr/bonnes-pratiques/outils-methodologiques/pssi-guide-d-elaboration-de-politiques-de-securite-des-systemes-d-information.html
http://direccte.gouv.fr/IMG/pdf/guide-bonnes-pratiques-IE_1_.pdf
Management des systèmes d'information 15e édition - de Kenneth Laudon , Jane Laudon - PEARSON
Systèmes d'information et management - 7e édition Broché – 26 août 2016 de Robert Reix, Bernard Fallery, Michel Kalika, Frantz Rowe - Vuibert
Assessment(s)
Nature Coefficient Observable objectives
1Assessment of the following skills:
C5- Understanding the issues of the information system from the point of view of the customer project manager
C6- Estimate risks and take them into account
C7- To understand the concepts related to the implementation of a security policy
3Written exam
2 Assessment of the following skills:
C5- Understanding the issues of the information system from the point of view of the customer project manager
1Project
3Practical work2
4
1Practical work
5Practical work1