INSE 410 Corporate Governance, Policy, Risk, and Cybercrime
The risks associated with cybersecurity threats increases as our world becomes ever more interconnected. Learn how to comprehensively manage cybersecurity risks as they relate to modern information systems. This course covers the fundamentals of risks and risk management. Topics include risk identification, threat categorization, and vulnerability assessments. Relevant laws are presented along with approaches to risk mitigation and organizational planning. Organizational impact analysis and continuity planning are reviewed.
Cross Listed Courses
None
Prerequisite
All Technology Core courses
Corequisite
None
Washington Technology University
Syllabus
INSE 410 : Corporate Governance, Policy, Risk, and Cybercrime
5 Credits
Approved: 3/10/2021 9:37:17 PM
Course Description
The risks associated with cybersecurity threats increases as our world becomes ever more interconnected. Learn how to comprehensively manage cybersecurity risks as they relate to modern information systems. This course covers the fundamentals of risks and risk management. Topics include risk identification, threat categorization, and vulnerability assessments. Relevant laws are presented along with approaches to risk mitigation and organizational planning. Organizational impact analysis and continuity planning are reviewed.
Course Required Resources
· Gibson, D. (2015). Managing Risk in Information Systems. Burlington, Massachusetts: Jones & Bartlett Learning.
Course Outcomes
Define information governance and list the basic principles of information governance
Describe the relationship between threats, vulnerabilities, and impact
Explain the objective of a risk management plan and it outputs
Explain threat assessments as they relate to the IT infrastructure
Describe risk mitigation and scope as it relates to business operations, services, and infrastructure
Describe the purpose of Business Continuity Planning (BCP) and Identify key responsibilities of personnel needed for BCP
Describe the need and purpose of a disaster recovery plan (DRP)
Course Keywords
Auditing, Client-server, Cloud computing, HTML, HTTP, Packet switching, Virtualization, VPN, Clickjacking, Malware, Pretexting, Ransomware, Social Engineering, Advanced Encryption Standard (AES), Digital Certificate, JavaScript, Web application, Vulnerability management, PCI, Resource pooling, Elasticity, Private Cloud, IaaS, PaaS, SaaS, STARS, Service level agreements, Integration testing, Security testing, Stress testing, Security assessment, Nmap, OS fingerprint, Nessus, Vulnerability assessment, Web server application, Data leakage, Client-side injection, VoIP, Active server pages (ASP), Business intelligence, Deep web, Computer incident response team, Common
Assignment Summary
25% Project – Risk Identification, Assessment, Verification, and Mitigation planning
In this project, students will conduct a risk assessment of a hypothetical IT infrastructure. First students will identify potential risks, then map risks to elements of a hypothetical IT network. Students will then assess the risks based on several factors and prioritize them. Students will review vulnerability scans of the hypothetical system and report on its results. Finally, students will plan for a Cyber Incident Response Team (CIRT) and report on their work.
25% Instructor Determined Assignments, Collaboration and Participation (attendance and online activities)
The instructor will evaluate participation in the course and in online discussions. The instructor may also include other assignments. The instructor-determined assignments and discussions will be distributed and evaluated such that the total point value reflects the weighting given in the rubrics. The instructor will provide the grading criteria, rubrics, and directions for completing these assignments.
25% Mid Term Exam
Students should be prepared to answer a variety of types of questions pertinent to the concepts covered in or suggested by the course materials, assignments and activities. The instructor may provide additional information about the content, style, and grading criteria of this exam. The test will cover all concepts covered since the first day of class.
25% Final Exam
Students should be prepared to answer a variety of types of questions pertinent to the concepts covered in or suggested by the course materials, assignments and activities. The instructor may provide additional information about the content, style, and grading criteria of this exam. The exam will be limited to concepts covered since the mid-term.