ITM470 Information Security Management

Lead Faculty: Ms. Debra A. Bowen

Course Description

This course covers the managerial aspects of information security on computer networks. Security is becoming of utmost importance. This course prepares the student to manage from start to end all aspects of securing a network. This course is divided into six sections covering various aspects of planning and implementing security policies. It starts with defining what security is, it talks about the security triad, CIA, followed by security management practices. Security models and architectures followed by business continuity planning and disaster recovery are discussed. This course includes laws, investigations, ethics, and operation security.

Learning Outcomes

  • Identify the three main objectives of security programs.
  • Identify security risks, the cost-effectiveness of countermeasures.
  • Describe data protection mechanisms and fault tolerance.
  • Differentiate between government and industry models.
  • Identify global security models.
  • Describe the importance of IP security protocol (IPSec).
  • Explain the importance of business continuity planning.
  • Identify resources to be protected.
  • Identify privileges to be protected.
  • Identify available controls and their types.
  • Select, develop and implement disaster and contingency planning.
  • Implement backup solutions at offline facilities.
  • Learn about laws and ethics related to information security.
  • Identify incident handling procedures.
  • Explain how to collect different types of evidence in computer crime.