Course Description
This course provides an in-depth look at risk factor analysis that must be performed in order to design a flexible and comprehensive security plan. Topics include assessing threats, developing countermeasures, protecting information and security designs processes. Auditing practices used to verify compliance with policies and procedures, as well as for building a case for presentation in private and public settings, are also covered.
Learning Objectives
- Students learn to identify enterprise-specific practices that support and safeguard the governance of information and related technologies, understand the planning and execution of the information systems auditing process, learn to manage the life cycle of information systems acquisition, development, and implementation, explain information systems operations and how information technology (IT) relates to business resilience, evaluate security controls that protect information assets, plan for information asset protection events, and review the stages and responsibilities of a risk-based information systems (IS) audit.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):