None
Course Number:
CSCI 4617
Approved Starting Semester:
Fall 2021
Course Title:
Security Policy and Governance
Credit Hours:
3
Course Description (Bulletin Description):
This course covers policy development through monitoring and governance stages - policies such as privacy, acceptable use, physical security, breach disclosure, data collection and retention policies, cloud security, and supply chain are covered. Best-in-class methodologies will be used to create security policy that will communicate the organization's asset protection objectives.
Prerequisite:
CSCI 4200
Co-requisite:
None
Pre/Co-requisite::
None
Dual-Listed:
CSCI 5617
Course Objectives (Course-level Student Learning Outcomes):
At the completion of the course, the student will be able to: 1. Identify the role of an information systems security (ISS) policy framework in overcoming business challenges. 2. Analyze how security policies help mitigate risks and support business processes in various domains in the information technology (IT) infrastructure. 3. Describe the components and basic requirements for creating a security policy framework. 4. Describe the different methods, roles, responsibilities, and accountabilities of personnel, along with the governance and compliance of security policy framework. 5. Describe the different ISS policies associated with the user domain. 6. Describe the different ISS policies associated with the IT infrastructure. 7. Describe the different ISS policies associated with risk management. 8. Describe the different ISS policies associated with incident response teams (IRT). 9. Describe different issues related to implementing and enforcing ISS policies. 10. Describe the different issues related to defining, tracking, monitoring, reporting, automating, and configuration of compliance systems and emerging technologies.
Topics Covered (In Outline/Calendar):
• Privacy policy • Privacy and civil liberties/legal foundations of privacy protection • Acceptable use policy • Physical security policy • Inference controls/statistical disclosure limitation • Backup policy, password refresh policy • Breach disclosure policy • Data collection and retention policies • Supply chain policy • Cloud security tradeoffs
Student Learning Outcomes:
- Analyze a complex computing problem and to apply principles of computing and other relevant disciplines to identify solutions. (SLO1)
- Support the delivery, use, and management of information systems within an information systems environment. (SLO6-CIS)
Course Coordinator:
Dr. Majdi Lusta
Instructor-in-charge:
Dr. Majdi Lusta
Previous Professors:
Dr. Majdi Lusta
Technologies / Skills:
Security policy
Textbook(s):
Fall 2024
---------------------------------
Title: SECURITY POLICIES AND IMPLEMENTATION ISSUES
Edition: 3RD
Author: JOHNSON
Publisher: O'REILLY
ISBN: 9781284199840
---------------------------------
Title: THEORY LABS FOR SECURITY POLICIES AND IMPLEMENTATION ISSUES
Edition: 3RD
Author: JOHNSON
Publisher: O'REILLY
ISBN: 9781284199932
========================================
Go back to choose another course