CSIS 3313 Information Security Standards, Risk Management, and Compliance 3 Credits (2 Lec, 2 Lab)
This course includes evaluating the differences between managing information security as opposed to IT security being an area that is now coming of age. For many years the focus has been mainly on IT security and with the implementation of such security left to the IT department and technical experts. This course focuses on security related to people, processes, information as well as IT. Since then, there have been many developments taking us to where we are today with these early security management standards being transformed in international standards published by ISO/IEC. These standards are being used by hundreds of thousands of organizations worldwide.
Course Type: Academic
CSIS 3353 Cyber Law and the Legal System 3 Credits (2 Lec, 2 Lab)
This seminar explores the legal system's response to the rapidly-evolving challenges posed by cybercrime. The course will examine how courts and legislators are struggling to adapt traditional legal principles to digital misconduct, the role (and limitations) of law enforcement, tensions between security and privacy in the fight against cybercrime, the legal implications of the global reach of cybercrime and the growing threat of state actors, and the impact of government regulation in promoting cybersecurity. Students will gain a basic literacy regarding cybersecurity issues likely to touch nearly every lawyer's practice. Students will learn about common types of cybercrime and security measures, lawyers' ethical obligations concerning cybersecurity, and the role of lawyers in helping clients meet their cybersecurity-related legal responsibilities and responding to cybersecurity incidents.
Prerequisite(s): Reading level 7
Course Type: Academic
CSIS 4323 IT Security Auditing 3 Credits (2 Lec, 2 Lab)
In this course, students will develop an understanding of cybersecurity concepts that can be used to facilitate integrated audit efforts within your organization. Developed with and facilitated by leading industry experts, this course will examine preventive, detective, and corrective controls, and how to apply the audit process to a cloud environment. Students will also be exposed to the mobile environment and cyber standards, as well as learn how to audit common security solutions. This course is designed for internal auditors involved in IT audits or those involved in audit activities that require an understanding of how to manage the impact of cybersecurity events on business risks.
Course Type: Academic