In this integrative course, students assess the information security risk associated with an identified management problem. Students then develop a risk mitigation strategy which integrates principles and techniques of risk analysis, project planning, and change management.
By the end of this course, the student should know or be able to:
- To assess the level of risk in an organization with respect to an identified Information Security management problem.
- To formulate a strategy to mitigate the identified Information Security risk, while limiting liability exposure.
- To evaluate the defined strategy to ensure that it either reduces, mitigates, or transfers risk, or results in an acceptable residual risk.
- To develop a project plan for implementing the chosen strategy that addresses resources, schedules, and organizational change management requirements