University of Oxford Logo University of OxfordSoftware Engineering - Home
On Facebook
Follow us on twitter
Linked in
Linked in
Google plus
Google plus
Stumble Upon
Stumble Upon

Security & Incident Management

A key ingredient of successful security and risk programmes is effective management of security-related incidents. Incidents range from small and predictable - which can be eliminated through operation controls, through to large and unpredictable - when standard management controls and mechanisms may not work. This module introduces the principles of incident management in practical security contexts and draws out the key themes for effective response to the panoply of events and triggers that impact businesses, governments and individuals alike.


This course normally runs twice a year.

Course dates

5th February 2024Oxford University Department of Computer Science - Held in the Department 0 places remaining.
7th October 2024Oxford University Department of Computer Science - Held in the Department13 places remaining.


The successful participant will:

  • have an understanding of the key themes and principles of security incident management; be able to apply these principles in designing systems and models for managing security incidents;
  • understand how to apply the principles of incident management in a variety of contexts; be able to make a case to argue the extent to which strong processes coupled with technology can assist in the resolution of security incidents and how this is changing over time;
  • have an appreciation of the wider context of security incident management, and in particular of the relationship with other key disciplines, such as business continuity and crisis management.


Incident Management
General Objectives - IM in support of the business objectives and purpose;  the causes of incidents – anticipation, prediction, and understanding of the threat;  the outcomes and consequences of an incident – feedback mechanisms;  qualitative vs quantitative approach – techniques and formalisation; Creating incidents to reduce incidents - testing the system;  non-IT related security incidents - physical events; incident management and software development;  how can software developers help with incident response and vice versa?
Crisis Management
General Objectives - managing a crisis when management structures don’t work; "Making a drama out of a crisis" - the value of simulation and practice of the unforeseen;
Business Continuity
General Objectives - supporting the business requirements – integrating incident response with business continuity; Key elements of business continuity management - frameworks, structures, business impacts and planning; evolution of operational resilience