Management of IA
This course examines management aspects of information
assurance, including standards for security products, policy
guidelines, security awareness, ethical decision-making, employment
practices and policies, operations security and production
controls, e-mail and Internet use policies, working with law
enforcement, using social psychology to implement security
policies, and auditing computer security. The course includes
sections on detection of security breaches, methods of remediation
such as computer emergency quick-response teams, backups and
archives, business continuity planning, disaster recovery
planning and insurance. Students examine fundamentals of management
responsibilities and liabilities and risk assessment methodologies.
The course ends with a review of current hot topics in the
field such as medical records security, censorship, privacy,
and anonymity. IS340 (Introduction to Information Assurance)
is recommended but not required as a prerequisite. Required
for BSCSIA degree.
(PDF FILES unless
-- detailed assignments, grading, standards, requirements, policies,
rewards, penalties, and also the Secret of Life, the Universe
-- day-by-day listing of every required reading, quiz, exam,
Term-Paper Guidelines -- how
to avoid falling into a swamp of errors.
Instructor Office Hours / Schedule
For additional useful tips and tricks, click on the Methods
Copyright © 2023 M. E. Kabay.
All rights reserved.
The opinions expressed in any of the writings
on this Web site represent the authorís opinions and do not
necessarily represent the opinions or positions of his employers,
associates, colleagues, students, relatives, friends, enemies,
cats, dog or plants. Materials copyrighted by M. E. Kabay
from this Website may be freely used for non-commercial teaching
(i.e., specifically in any courses for academic credit or
in free industry training at workshops or within organizations)
but may not be re-posted on any Website or used in commercial
training (where participants must pay fees for participation
in the conference or workshop or where the instructor is paid)
without express written permission. Any unauthorized sale
of these copyrighted materials will be prosecuted to the full
extent of the law.