The course is about organizational and technological aspects of information systems security. It provides the core knowledge for securing enterprise information systems. The course covers classification of information, analysis of information systems security risks, implementation of security control system as well as other aspects of information systems security management. It also includes an overview of typical information systems security threats and methods for aversion of these threats. The course covers not only the technological aspects of information systems security but also the impact of human factors.