Security Policy and IT Risk Management
General
Prefix
IA
Course Number
673
Course Level
Graduate
Department/Unit(s)
College/School
Herberger Business School
Description
Advanced development of security policy in line with legal requirements; Systematically identifying risks; analyzing the likelihood and impact of their occurrence; deciding what action to take to prevent, minimize, accept or transfer their risks; contingency planning.
Credits
Min
3
Max
3
Repeatable
No
Goals and Diversity
MN Goal Course
No
Cultural Diversity
No
Learning Outcomes
Outcome
Define information security policy and understand its central role in a successful information security program.
Outcome
Describe the three major types of information security policy and explain what goes into each type.
Outcome
Develop, implement and maintain various types of information security policies.
Outcome
Identify and assess potential security risk.
Outcome
Identify the threats to information security and attacks associated with those threats.
Outcome
Assess the risk management process.
Outcome
Apply both quantitative and qualitative risk assessment techniques to security log data.
Outcome
Modify a security plan based on assessment results.
Outcome
Articulate the importance of using assessment and security tools in an ethical and legal manner.
Outcome
Describe the risk mitigation strategy options for controlling risks.
Outcome
Identify steps in contingency planning.
Dependencies
Programs
IA673
is a
completion requirement
for: