• Prospective Students
• Alumni
• Business & Industry
• Visitors

• Apply Now »
  • Undergraduate
  • Graduate

• School of Applied Technology
• Information Technology & Management
• Industrial Technology & Management
• Professional Learning

Information System Security Management, IT 478

About this Course:
In-depth examination of topics in the management of information technology security including access control systems and methodology, business continuity and disaster recovery planning, legal issues in information system security, ethics, computer operations security, physical security and security architecture & models using current standards and models.

Course Features

Prerequisites:
Basic understanding of information system (IS).

Who Should Attend:
Professionals involved in information security management in an organization, or participants who want to learn information security management for a large organization. Participant will learn how to conduct an audit, policies and other best practices followed.

Expected Outcomes:

Participants will demonstrate foundation knowledge and application of information system (IS) security concepts as they apply the management of IS security in a large organizational environment. Participants will describe and identify policy frameworks, legal and moral implications, and best practices in information security management. Participants will be able to conduct a security audit of an organization and report on the results with appropriate suggestions for amelioration of problem areas identified.

Participants will learn to describe information security, its key terms and critical concepts, outline the phases of the security system's development life cycle, define risk management and its role in the Security Systems Development Lifecycle, and conduct an information security audit of an existing business, government agency or organization. Participants will be able to explain management's role in the development , maintenance, and enforcement of information security policies, standards, practices, procedures and guidelines, explain contingency planning , incident response, disaster recovery and business continuity plans, identify various types of firewalls, and its implementations, and define the process of encryption and key terms.

Course Outline:

• Introduction to Information Security
• Planning for Security
• Security Policy
• Risk Management I
• Risk Management II
• The Information Security Audit
• Disaster Recovery & Business Continuity
• Developing Security Programs
• Security Management Models & Practices
• Protection Mechanisms
• Personnel and Security
• Legal, Ethical & Professional Issues
• Security Project Management
• IS Audit Class Presentations

CEU:
4.5

Instructor:
Bonnie A. Goins

As an International Association for Continuing Education and Training (IACET) Authorized Provider, the Professional Learning Programs department of the IIT School of Applied Technology (SAT) offers CEUs for its programs that qualify under the ANSI/IACET Standard.