This class explores the overarching security architectures and vectors of information assurance from a management perspective, allowing the learner to formulate the basis for sound business decisions. Students gain an appreciation for systems, networks, processes, methodologies, documentation requirements, recovery processes, and certification and accreditation processes, as well as "best practice" implementation, training and continuous improvement. Discussions in this course build acumen in personnel security, physical security, and technical operational security as these principles relate to and interface with information security principles. Defense-in-depth principles are also covered for designing proper physical security programs. At the completion of the course, students should be able to manage an IA function and evaluate an organization’s Contingency Planning process for adequacy.
Learning Objectives
- Describe the principal functions of an Information Systems Security Officer (ISSO).
- Describe the principal Information Security functions of System Certifiers (AKA Certification Agents).
- Understand the importance of general enterprise-wide security awareness in the day-to-day protection of an enterprise.
- Demonstrate a fundamental knowledge of the laws and regulations enacted to combat computer crimes.
- Demonstrate a fundamental understanding of the impact of laws and regulations on both policies and practices of organizations.
- Establish fundamental information security policies and procedures.
- Describe the threats and vulnerabilities facing an enterprise - both its physical and technical infrastructure and its intellectual property.