Completing this Postgraduate diploma will place software and computer systems engineering professionals at the forefront of the latest developments in the sector"

Learn to design, evaluate and manage engineering projects thanks to this high-quality program”

This comprehensive program in Software Security Management and Auditing will allow professionals in the IT industry to deepen their understanding and learn about the processes of management and monitoring of quality and secure software that meets the predefined requirements.

This high-quality program will allow the student to learn about the information security process, its implications in confidentiality, integrity, availability and economic costs, as well as to understand the problems related to software security, its vulnerabilities and their classification. 

With this program, the student will have access to the most advanced teaching resources and will have the opportunity to study a program that brings together the most in-depth knowledge in the field. A group of highly scientifically qualified professors with extensive international experience will provide students with the most complete and up-to-date information on the latest advances and techniques in Software and Computer Systems Engineering.

The syllabus covers the main current topics in Software and Computer Systems Engineering in such a way that whoever masters them will be prepared to work in this field. Therefore, it is not just another diploma in your backpack, but a real learning tool to approach the topics of the specialty in a modern, objective way and with the ability to make a judgment based on today's most cutting-edge information.

It should be noted that as this is a 100% online Postgraduate diploma, the student is not conditioned by fixed schedules or the need to move to another physical location, but can access the contents at any time of the day, balancing their work or personal life with their academic life. 

If they want to differentiate themselves from others and be capable of designing complex systems engineering projects, this is the program for them.

Learn to design, evaluate and manage engineering projects thanks to this high-quality program”

This Postgraduate diploma in Software Security Management and Auditing contains the most complete and up-to-date educational program on the market. The most important features include: 

• The development of case studies presented by experts in Software Security Management and Auditing
• The graphic, schematic, and practical contents with which they are created, provide scientific and practical information on the disciplines that are essential for professional development
• Practical exercises where self-assessment can be used to improve learning
• Special emphasis on innovative methodologies in Software Security Management and Auditing
• Theoretical lessons, questions to the expert, debate forums on controversial topics, and individual reflection assignments
• Content that is accessible from any fixed or portable device with an Internet connection

Specialize in computer systems with the help of professionals with extensive experience in the sector”

Its teaching staff includes professionals belonging to the field of Software Security Management and Auditing who contribute their work experience to this program, as well as renowned specialists from reference societies and prestigious universities.

The multimedia content, developed with the latest educational technology, will provide the professional with situated and contextual learning, i.e., a simulated environment that will provide immersive learning programmed to train in real situations.

This program is designed around Problem-Based Learning, whereby the professional must try to solve the different professional practice situations that arise throughout the program. For this purpose, the professional will be assisted by an innovative interactive video system created by renowned and experienced Software Security Management and Auditing . 

This program has the best educational resources that can be accessed online or downloaded, to make it easier for you to manage your studies and effort”

This 100% online Postgraduate diploma will allow you to combine your studies with your professional work. You choose where and when to train”

The structure of the contents has been designed by the best professionals in the sector, with extensive experience and recognized prestige in the profession, and aware of the benefits that the latest educational technology can bring to higher education.   

We have the most complete and up-to-date scientific program on the market. We strive for excellence and for you to achieve it too"

Module 1. Safety Management

1.1. Information Security

1.1.1. Introduction
1.1.2. Information Security Involves Confidentiality, Integrity and Availability
1.1.3. Security is an Economic Issue
1.1.4. Security is a Process
1.1.5. Classification of Information
1.1.6. Information Security Involves Risk Management
1.1.7. Security is Articulated with Security Controls
1.1.8. Security is Both Physical and Logical
1.1.9. Security Involves People

1.2. The Information Security Professional

1.2.1. Introduction
1.2.2. Information Security as a Profession
1.2.3. Certifications (ISC)2
1.2.4. The ISO 27001 Standard
1.2.5. Best Security Practices in IT Service Management
1.2.6. Information Security Maturity Models
1.2.7. Other Certifications, Standards and Professional Resources

1.3. Access Control

1.3.1. Introduction
1.3.2. Access Control Requirements
1.3.3. Authentication Mechanisms
1.3.4. Authorization Methods
1.3.5. Access Accounting and Auditing
1.3.6. Triple A" Technologies

1.4. Information Security Programs, Processes and Policies

1.4.1. Introduction
1.4.2. Security Management Programs
1.4.3. Risk Management
1.4.4. Design of Security Policies

1.5. Business Continuity Plans

1.5.1. Introduction to BCPs
1.5.2. Phase I and II
1.5.3. Phase III and IV
1.5.4. Maintenance of the BCP

1.6. Procedures for the Correct Protection of the Company

1.6.1. DMZ Networks
1.6.2. Intrusion Detection Systems
1.6.3. Access Control Lists
1.6.4. Learning from the Attacker: Honeypot

1.7. Security Architecture. Prevention

1.7.1. Overview. Activities and Layer Model
1.7.2. Perimeter Defence (Firewalls, WAFs, WAFs, IPS etc.)
1.7.3. Endpoint Defence (Equipment, Servers and Services)

1.8. Security Architecture. Detection

1.8.1. Overview Detection and Monitoring
1.8.2. Logs, Encrypted Traffic Breaking, Recording and Siems
1.8.3. Alerts and Intelligence

1.9. Security Architecture Reaction

1.9.1. Reaction Products, Services and Resources
1.9.2. Incident Management
1.9.3. CERTS y CSIRTs

1.10. Security Architecture. Recuperation

1.10.1. Resilience, Concepts, Business Requirements and Regulations
1.10.2. IT Resilience Solutions
1.10.3. Crisis Management and Governance

Module 2. Software Security

2.1. Problems of the Software Security

2.1.1. Introduction to the Problem of Software Safety
2.1.2. Vulnerabilities and their Classification
2.1.3. Secure Software Properties
2.1.4. References

2.2. Software Security Design Principles

2.2.1. Introduction
2.2.2. Software Security Design Principles
2.2.3. Types of S-SDLC
2.2.4. Software Security in S-SDLC Phases
2.2.5. Methodologies and Standards
2.2.6. References

2.3. Software Lifecycle Safety in the Requirements and Design Phases

2.3.1. Introduction
2.3.2. Attack Modeling
2.3.3. Cases of Abuse
2.3.4. Security Requirements Engineering
2.3.5. Risk Analysis Architectural
2.3.6. Design Patterns
2.3.7. References

2.4. Software Lifecycle Safety in the Coding, Testing and Operation Phases

2.4.1. Introduction
2.4.2. Risk-Based Safety Testing
2.4.3. Code Review
2.4.4. Penetration Test
2.4.5. Security Operations
2.4.6. External Review
2.4.7. References

2.5. Secure Coding Applications I

2.5.1. Introduction
2.5.2. Secure Coding Practices
2.5.3. Manipulation and Validation of Inputs
2.5.4. Memory Overflow
2.5.5. References

2.6. Secure Coding Applications II

2.6.1. Introduction
2.6.2. Integers Overflows, Truncation Errors and Problems with Type Conversions between Integers
2.6.3. Errors and Exceptions
2.6.4. Privacy and Confidentiality
2.6.5. Privileged Programs
2.6.6. References

2.7. Development and Cloud Security

2.7.1. Safety in Development; Methodology and Practice
2.7.2. PaaS, IaaS, CaaS and SaaS Models
2.7.3. Security in the Cloud and for Cloud Services

2.8. Encryption

2.8.1. Fundamentals of Cryptology
2.8.2. Symmetric and Asymmetric Encryption
2.8.3. Encryption at Rest and in Transit

2.9. Security Automation and Orchestration (SOAR)

2.9.1. Complexity of Manual Processing; Need to Automate Tasks
2.9.2. Products and Services
2.9.3. SOAR Architecture

2.10. Telework Safety

2.10.1. Need and Scenarios
2.10.2. Products and Services
2.10.3. Telework Safety

Module 3. Security Audit

3.1. Introduction to Information Systems in the Company

3.1.1. Introduction to Information Systems in the Company and the Role of IT Auditing
3.1.2. Definitions of "IT Audit" and "IT Internal Control"
3.1.3. Functions and Objectives of IT Auditing
3.1.4. Differences between Internal Control and IT Auditing

3.2. Internal Controls of Information Systems

3.2.1. Functional Flowchart of a Data Processing Center
3.2.2. Classification of Information Systems Controls
3.2.3. The Golden Rule

3.3. The Process and Phases of the Information Systems Audit

3.3.1. Risk Assessment and Other IT Auditing Methodologies
3.3.2. Execution of an Information Systems Audit. Phases of the Audit
3.3.3. Fundamental Skills of the Auditor of an IT System

3.4. Technical Audit of Security in Systems and Networks

3.4.1. Technical Security Audits. Intrusion Test. Previous Concepts
3.4.2. Security Audits in Systems. Support Tools
3.4.3. Security Audits in Networks. Support Tools

3.5. Technical Audit of Security on the Internet and in Mobile Devices

3.5.1. Internet Security Audit. Support Tools
3.5.2. Mobile Devices Security Audit. Support Tools
3.5.3. Annex 1. Structure of an Executive Report and Technical Report
3.5.4. Annex 2. Tools Inventory
3.5.5. Annex 3. Methods

3.6. Information Security Management System

3.6.1. Security of IS: Properties and Influential Factors
3.6.2. Business Risks and Risk Management: Implementing Controls
3.6.3. Information Security Management System (ISMS): Concept and Critical Success Factors
3.6.4. ISMS-PDCA Model
3.6.5. ISMS ISO-IEC 27001: Organizational Context
3.6.6. Annex 4. Context of the Organization
3.6.7. Annex 5. Leadership.
3.6.8. Annex 6. Planning
3.6.9. Annex 7. Support
3.6.10. Annex 8. Operation
3.6.11. Annex 9. Performance Evaluation
3.6.12. Annex 10. Improvement
3.6.13. Annex to ISO 27001/ISO-IEC 27002: Objectives and Controls
3.6.14. ISMS Audit

3.7. Carrying Out the Audit

3.7.1. Procedures
3.7.2. Techniques

3.8. Traceability

3.8.1. Methods
3.8.2. Analysis

3.9. Copyright

3.9.1. Techniques
3.9.2. Results

3.10. Reports and Presenting Proof

3.10.1. Types of Reports
3.10.2. Data Analysis
3.10.3. Presenting Proof

A comprehensive and multidisciplinary program that will allow you to excel in your career, following the latest advances in the field of Software Security Management and Auditing ”