Information Security Management
20 hours over 10 weeks (1 two-hour meeting per week)
Techniques and technologies of information and data security. Types of
attacks and what needs protection. Managerial aspects of computer
security and risk management. Security services. Legal and ethical
issues. Security process and best practices. Accreditation,
procurement, security policy and plan development and enforcement,
contingency, continuity and disaster recovery planning, and incident
handling and response. Internet and e-commerce management issues.
Preparation for design and administration of a complete, consistent,
correct, and adequate security program.
Course Learning Objective:
Awareness of information security management, including threats,
vulnerabilities, countermeasures, ethical and legal issues, and system
life cycle management. Understanding of risk management, physical
security, personnel security practices and procedures, software
security, administrative security procedural controls, auditing,
monitoring, and key management.
Model of information systems security, planning, and management.
Vulnerabilities in and threats to information security. Understanding
of principles and practices of information security management,
including technical, ethical, and legal aspects. Physical security
measures. Personnel security practices and procedures. Audit, control,
and monitoring of systems.
Method of Instruction:
Lecture, assignments, projects, presentations
Tests, assignments, projects, presentations