This subject introduces the fundamental concepts related to the management of information security (e.g. vulnerability, threat, risk). It is devoted to the study of the methodologies, tools and specifications that deal with risk analysis and the development of information security management systems.