ITM470 Information Security Management
Lead Faculty: Dr. Debra A. Bowen
This course covers the management aspects of information security on computer systems and networks. Information is becoming a valuable asset and security is vital in maintaining its confidentiality, integrity, and availability. This course explores aspects of securing a network such as identifying threats, vulnerabilities, and assets that aid in planning, risk analysis, and implementation of security policies. Other topics include security management practices, security models and architectures, and business continuity, disaster recovery, and incident response planning. In addition, legal, ethical, and professional issues are analyzed. This course, together with ITM 475, may help students prepare for the Certified Information Systems Security Professional (CISSP) exam.
- Explain the need for information security.
- Compare and contrast the various threats and attacks to information security.
- Differentiate between government and industry models.
- Explain the importance of risk management when planning security.
- Evaluate credentials and best practices for security personnel functions.
- Discuss legal, ethical, and professional issues related to information security.