Information Security Planning – CSIS 341

CG • Section 8WK • 11/08/2019 to 04/16/2020 • Modified 07/28/2020

Course Description

This course will deal with the proper planning for and initial implementation of an Information Security program. The topics included would be: security planning and policies, risk analysis, program accreditation, systems lifecycle management, contingency planning, physical security measures, personal security practices and procedures, software security, network security, administrative controls, crypto security. (Formerly CSCI 351)

Prerequisites

CSCI 340 or BMIS 340 or CSIS 340

Rationale

In order for students to fully grasp information systems security, they must have a thorough understanding of system capabilities, functionality, and how to best protect the system. Operation of a healthy organization requires reliable business processes that protect information, legal compliance, and keep costs low. Properly designed and implemented information security policies and frameworks mitigate risks that increase with the expansion of global interactivity and connectivity. To mitigate these risks, security plans must be implemented, audited, and maintained.

Measurable Learning Outcomes

Upon successful completion of this course, the student will be able to:

  1. Evaluate the key components of information security policy planning guidelines.
  2. Evaluate information security policy regulations and framework.
  3. Analyze industry specific sector requirements pertinent to policy development.
  4. Select current business information security policies to obtain best practices.
  5. Apply guidelines and best practices during the development of a security policy.

Course Assignment

Textbook Readings

Course Requirements Checklist

After reading the Course Syllabus and Student Expectations, the student will complete the related checklist found in Module/Week 1.

Discussion Board Forums (5)

Discussion boards are collaborative learning experiences. Therefore, the student will participate in weekly activities by researching and addressing the topics provided for each module. During the weekly Discussion Board Forum assignments on information security planning, the student will post 1 thread and 2 replies.

Projects (7)

The student will implement practical hands-on learning skills into a virtualized server environment. Each project is intended to deliver a unique learning experience designed to engage the student to apply the theory learned throughout the module/week into a practical research-based learning environment.

In order to utilize this implementation, a minimum of 25 GB of available hard disk space, with at least 512 MB RAM, and running at least an Intel (or equivalent) 1 GHz processor, which supports virtualization technologies, is required. It is recommended that the system consist of a multi-core processor running a 64-bit Operating System environment.

Mid-Term Research Paper (1)

In Module/Week 4, the student is asked to write a paper which provides a comprehensive reflection of the learning objectives and concepts addressed in the course so far.

Final Research Paper (1)

In Module/Week 8, the student will prepare a research paper that is designed to provide a comprehensive learning approach where the student can utilize the information learned throughout the course and apply it in a practical and theoretical manner.