| DIT 35208 | 24 hours |
*Previously Information Assurance and Security Level 1: Information Security Management*
The purpose of this course is to introduce students to the theoretical knowledge required to effectively design and manage the overall security posture of an organization. Topics include concepts of confidentiality, integrity and availability, security governance principles, legislative, regulatory and privacy compliance requirements, legal and regulatory issues that pertain to information security in a global context. The course will also discuss professional ethics, and procedures to develop and implement security policy, standards, procedures, and guidelines. This course is conceptual in nature and covers examination content delivered through the ISC2 – Certified Information Systems Security Professional.
Outcomes
Upon successful completion of this course, students will be able to:
• Understand, adhere to, and promote professional ethics
• Understand and apply security concepts
• Evaluate and apply security governance principles
• Determine compliance and other requirements
• Understand legal and regulatory issues that pertain to information security in a holistic context
• Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
• Develop, document, and implement security policy, standards, procedures, and guidelines
• Identify, analyze, and prioritize Business Continuity (BC) requirements
• Contribute to and enforce personnel security policies and procedures
• Understand and apply risk management concepts
• Understand and apply threat modeling concepts and methodologies
• Apply Supply Chain Risk Management (SCRM) concepts
• Establish and maintain a security awareness, education, and training program
COPYRIGHT © 2018 THE UNIVERSITY OF WINNIPEG - PROFESSIONAL, APPLIED AND CONTINUING EDUCATION