University Catalog

Print Page

IA 673. Security Policy and IT Risk Management

Credits: 3
Department: Information Systems
Description: Advanced development of security policy in line with legal requirements; systematically identifying risks; analyzing the likelihood and impact of their occurrence; deciding what action to take to prevent, minimize, accept or transfer their risks; contingency planning.
Semester Offered: Spring
Grading Method:

Student Learning Outcomes

1. Define information security policy and understand its central role in a successful information security program.
2. Describe the three major types of information security policy and explain what goes into each type.
3. Develop, implement and maintain various types of information security policies.
4. Identify and assess potential security risk.
5. Identify the threats to information security and attacks associated with those threats.
6. Assess the risk management process.
7. Apply both quantitative and qualitative risk assessment techniques to security log data.
8. Modify a security plan based on assessment results.
9. Articulate the importance of using assessment and security tools in an ethical and legal manner.
10. Describe the risk mitigation strategy options for controlling risks.

The contents in this catalog and other university publications, policies, fees, bulletins or announcements are subject to change without notice and do not constitute an irrevocable contract between any student and St. Cloud State University.