No overview, no security: How distance learning students learn to understand IT systems in a practical way

April 16, 2026

In the “Information Security Management” course of the Bachelor’s program in Business Informatics at Ferdinand Porsche FERNFH, students learn not only to understand IT systems in theory, but also to identify and manage specific risks—with the support of state-of-the-art software solutions and close partnerships with industry.

Information security begins with transparency: If you don’t understand how processes, applications, and infrastructure are interconnected, it’s nearly impossible to identify risks. This is exactly where the Information Security Management course comes in. Students in the Bachelor’s program in Business Informatics have the opportunity to explore IT Asset Management (ITAM) and Configuration Management Database (CMDB) solutions, such as i-doit, and test them through hands-on group assignments.

The lecturers, Thomas Györgyfalvay and Peter Gneist —both graduates of the Ferdinand Porsche FERNFH—emphasize the relevance of their course content:“A well-functioning service and asset management process is the foundation of information security. A properly maintained CMDB provides transparency regarding services and their dependencies, enabling risks and failure scenarios to be identified early on. Failure simulations build on this—and the efficient use of the CMDB in day-to-day operations is crucial.”

Thanks to the free licenses provided for the course, students were able to make extensive use of the software and gain hands-on experience with the added value of comprehensive documentation.

Practical Relevance Through Experts and Software Partners

To this end, the speakers rely on collaboration with partners from the field. Fabian Wolff from i-doit supports the students by teaching them how to use the software in a practical, real-world context. In addition, the students benefited from an online session led by Christian Wally from don’t panic it-services gmbh in Bludenz, Vorarlberg, which provided them with a detailed insight into the software and its use in a real-world business environment.

As part of the“Thinking Ahead: Business Informatics”startup conference in the Bachelor’s program in Business Informatics, students also had the opportunity during the summer semester to learn about information security management systems (ISMS) such as CISIS12® (Compliance, Information, and Security Management System in 12 Steps).

Security Through Structure and Knowledge

This course vividly demonstrates how theory and practice interact in the field of information security. A well-maintained CMDB and documentation of all relevant IT systems form the foundation for effective risk management. Students thus learn not only to identify risks, but also to analyze them systematically and develop preventive measures.

Thanks to hands-on training and support from software and industry partners, the next generation of business IT specialists is optimally prepared for the challenges of information security.


About the "Information Security Management" Course

The “Information Security Management” course teaches students the fundamentals and practical implementation of information security management systems (ISMS). Building on an overview of IT threats and the security engineering process, participants learn about key standards and frameworks such as ISO 2700x, IT-Grundschutz, the Austrian Information Security Handbook, and models such as CISIS12 and ISA+.

There is a particular emphasis on practical application: Using various tools, students analyze IT infrastructures, identify risks, and develop measures to secure systems. Real-world examples illustrate the importance of transparency, asset management, and structured processes for effective information security.

The Speakers

Thomas Györgyfalvay (born 1973) studied computer science at the Vienna University of Technology after graduating from the HTL in electronics and communications engineering, as well as business informatics (Bachelor’s degree) at FERNFH and a master’s program in project management. Since 1996, he has been working at an engineering firm in Mödling that specializes in communications and information systems as well as management consulting. As a Principal Consultant, his areas of expertise include system design, project and process management, public tenders, and training. He has spent parts of his more than 30-year career working abroad.

Peter Gneist earned his bachelor’s degree in Business Informatics from FERNFH Wiener Neustadt in 2012 and completed his master’s degree with honors in 2024. He is a certified IREB Requirements Engineer (Advanced Level) and Scrum Product Owner. His professional focus is on software development, IT architecture, and project management, as well as agile methods, information security, and compliance. He currently works at Magenta Telekom as a Senior Manager in the Enterprise Middleware and Core Provisioning division, where he is responsible for cross-functional technical processes.