Master in information security


2 locations available

Program Description


Society is evolving faster than the emergence of new risks and threats to information, which is so essential to organizations today. For this reason, there is a growing and unstoppable demand for qualified personnel in information security, who knows in detail the most strategic aspects in this area.

The Master in Information Security aims to enable knowledge professionals to enable them to develop information security policies and plans in accordance with the corporate strategy, the legislation in force and an appropriate balance between investment and risk. Train professionals with the necessary legal and compliance knowledge who are able to apply and audit technical measures more appropriate to each situation.

The program of this course of the IMF Business School, deepens data security, IT security, information technology security (ICT) and covers all applicable legislation, certification references and best practices and their implementation strategies. All this without forgetting the general context of the strategic management of the company.

At the end of the Master will be a professional with knowledge and knowledge of the law of data protection (LOPD), its application in ICT security, ISO 27001 and how to obtain its certification, as well as other standards, National Security Scheme (ENS), ISO 20000, Governance, Risk and Compliance (GRC). As an expert in data privacy, you can perform security audits of software, networks and systems and develop secure systems.


  • Acquire the main concepts in an integral and professional way
  • Know the right of new technologies and regulations in this area
  • Master international standards
  • Create and apply technical security policies for information systems
  • Create integral security systems in an organization
  • Being able to perform consulting and auditing work
  • Prevent the leakage of company personal data
  • Implement an Information Security Management System (ISMS) and an SGCN (Business Continuity Management System)
  • Mastering cryptographic techniques

Access Requirements

Bachelor's or equivalent professional experience


Professionals who want to develop or enhance their information security skills and thus improve their competitiveness in the labor market


Module I

Regulation of ICT. Organic Law of Data Protection

  1. Purpose and scope
  2. General concepts
  3. Principles of the LOPD
  4. Assignment or communication of data
  5. Rights of persons
  6. The concept of archive
  7. Security measures
  8. International data transfer
  9. The Spanish Agency for Data Protection
  10. Infractions and penalties

Module II

LSSI, Telecommunications, Consumers and Users

  1. Information society services. Trade and electronic contracting
  2. Telecommunications
  3. Consumers and users

Module III

Introduction to New Technologies Law

  1. Introduction to the law of new technologies
  2. Computer crime
  3. Intellectual property
  4. Industrial property
  5. IT contracting
  6. Electronic signature

Module IV

ISO / IEC 27001

  1. Introduction to ISO / IEC 27001
  2. Context of organization and leadership
  3. Planning
  4. Support
  5. Operation
  6. Performance evaluation
  7. Improvement
  8. Security check

Module V

Business Continuity Systems

  1. Introduction to the business continuity rule
  2. Similarities and differences between ISO 22301 and BS 25999-2
  3. Development of ISO 22301
  4. Development of standard BS 25999-2
  5. Establish an SGCN
  6. Develop awareness of SGCN
  7. SGCN Awareness Strategies
  8. Impact analysis - purpose
  9. Impact analysis - procedure, indicators and practice
  10. Hazard Analysis - Purpose
  11. Risk analysis - procedural and practical indicators
  12. Recovery Strategies - Purpose
  13. Recovery Strategies - Business Continuity Options
  14. Recovery strategies - strategic options
  15. Recovery strategies - technology solutions
  16. Response to incidents
  17. Incident management plan
  18. Business Continuity Plan
  19. Activity response plans and indicators
  20. Return to normal
  21. Continuous improvement
  22. Essays with an SGCN
  23. SGCN Maintenance
  24. Review of an SGCN
  25. Disaster Recovery Equipment in an SGCN

Module VI

Other Standards in the Scope of Information Security

  1. National Security Plan - ENS
  2. PCI-DSS
  3. ISO / IEC 20000
  4. Government of ICT - COBIT
  5. Governance, risk and compliance - GRC

Module VII

Network and Systems Security

  1. Physical security
  2. System security
  3. Network security
  4. Encryption
  5. Security monitoring

Module VIII

Secure Development and Security Audits

  1. Software protection
  2. Secure desktop programming
  3. Malware
  4. OWASP. Internet safety

Module IX

Business Creation

  1. The art of undertaking
  2. The company, the strategy and the management team
  3. The market
  4. The marketing
  5. The financing


English course

Basic, Pre-intermediate, Intermediate or Advanced
The student can choose one of the four levels


The Master in Information Security offers a totally flexible methodology adapted to your needs, regardless of geographical location or availability of time.

E-Learning Methodology: All content will be available on the campus virtual campus 24 hours a day, 7 days a week, without any mandatory schedule so it becomes extremely flexible. In this way, it is easy to reconcile an active professional life with an excellent academic formation.

All contents are updated with great technical rigor, are easy to understand and have a clear practical vocation.

The IMF Business School offers its students:

  • Personal tutorials (chat, phone, email)
  • Webinars
  • Discussion and discussion groups through forums and chats
  • Self evaluation tests
  • Case studies and documentation
  • Virtual Library


The program of the Master in Information Security is developed with the purpose of uniting information security in practice and theory. The student will have exercises and self-assessment tests during each training module, through the Virtual University Campus.

To obtain the double degree Master IMF Business School + Master Camilo José Cela University, it will be necessary to pass a final evaluation exam.


The Course Tutors Panel is comprised primarily of corporate and academic professionals who can pass on to students real work experience and practical examples from their experience in business activity.

Download the programmatic content to know the Panel of Tutors.

Career Opportunities

At the end of our Master in Information Security is prepared to exercise as:

  • Information Security Auditor
  • Director of Information Systems / Information Security
  • Chief Information Officer (CIO)
  • Data Protection Office (DPO), Data Protection and Privacy Officer
  • Consultant Specialist in Information Security and Business Continuity
  • Compliance Specialist

What kind of companies require a profile with this Master?

All those companies that want to know and put into practice the main solutions against possible weaknesses within an Organization, With this training will acquire the necessary skills to provide a normative and technical framework in the security needs, thus favoring the ease of use and confidentiality of the information systems.

The most important areas that require professionals in this sector are:

  • The health area, where you work with personal information of patients, it being necessary to avoid that information is lost, modified or accessed without authorization
  • In the financial or banking field, where confidential information is handled
  • Industrial development or product development environments, where it is important to safeguard the confidentiality of processes and procedures
  • In the area of ​​insurance companies
  • In specialized consultancy in this subject
  • In large organizations, public or private, which require more and more specialized information security profiles
Last updated July 2017

About the School

O IMF Portugal é uma sociedade comercial de Direito Português inserida no grupo IMF Business School, e a sua atividade dirige-se aos Países de Língua Oficial Portuguesa. O IMF Portugal tem como objeto ... Read More

O IMF Portugal é uma sociedade comercial de Direito Português inserida no grupo IMF Business School, e a sua atividade dirige-se aos Países de Língua Oficial Portuguesa. O IMF Portugal tem como objeto o exercício das atividades de representação, divulgação, promoção e comercialização em Portugal e nos demais Países de Língua Portuguesa, cursos ministrados por instituições que prestam formação à distância (e-learning), Universidades, Politécnicos e Escolas, sejam nacionais ou estrangeiros. Read less
Lisbon , Portugal Online + 1 More Less