COURSE NAME: OPERATIONS SECURITY Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theories of this course have been applied, or could be applied,
School of Computer & Information Sciences | ||
Course Name: | ISOL 631 – Operations Security Course Date: July 1, 2019 through August 22, 2019
| |
Professor: | Dr. Mina Richards | |
Contact Information: | Office Hours: By appointment E-mail: [email protected] | |
Online Support (IT) and I-Learn Policy: | All members of the University of the Cumberlands’ community who use the University’s computing, information or communication resources must act responsibly. http://www.ucumberlands.edu/it/downloads/terms.pdf | |
Course Website: | Access to the course website is required via the iLearn portal on the University of the Cumberlands website: http://www.ucumberlands.edu/ilearn/ | |
Course Description: | The course includes a discussion on security policies that can be used to help protect and maintain a network, such as password policy, e-mail policy, and Internet policy. The issues include organizational behavior and crisis management. | |
Course Objectives/Learner Outcomes: | Course Objectives/Learner Outcomes: Upon completion of this course, the student will:
| |
Prerequisites: | There are no prerequisites for this course. | |
Books and Resources: | Required Text Johnson, Rob. Security Policies and Implementation Issues, 2nd ed. Burlington, MA: Jones & Bartlett, 2015 Student Lab Manual Recommended Materials/Resources
Building an Effective Information Security Policy Architecture (Chapters 1 and 7)
Security Handbook, 5th ed. (Chapters 3, 21, and 26)
Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI (Chapters 3, 4, and 5)
The CISM Prep Guide: Mastering the Five Domains of Information Security Management (Chapters 2 and 5, and Appendix B)
Homeland Security Law And Policy
Information Security Management Handbook, 6th ed. (Chapters 2, 5, 7, 14, 16, 41, and 42)
Computer and Information Security Handbook (Chapter 15)
Information Security Policy Development for Compliance: ISO/IEC 27001, NIST SP 800-53, HIPAA Standard, PCI DSS V2.0, and AUP V5.0
“Technologies of Compliance: Risk and Regulation in a Digital Age,” Texas Law Review, March 2010, Vol. 88 Issue 4 (Pages 669-739)
Professional Associations • International Association of Privacy Professionals (IAPP) - This Web site provides opportunity to interact with a community of privacy professionals and to learn from their experiences. This Web site also provides valuable career advice. https://www.privacyassociation.org/
• International Information Systems Security Certification Consortium, Inc., (ISC)²® - This Web site provides access to current industry information. It also provides opportunities in networking and contains valuable career tools. http://www.isc2.org/
• ISACA - This Web site provides access to original research, practical education, career-enhancing certification, industry-leading standards, and best practices. It also provides a network of likeminded colleagues and contains professional resources and technical/managerial publications. https://www.isaca.org/Pages/default.aspx | |
Course Expectations | ||
Course Activities and Experiences: | Students are expected to: • Review any assigned reading material, complementary materials, and weekly lectures and prepare responses to homework assigned. • Actively participate in activities, assignments, and discussions. • Evaluate and react to each other’s work in a supportive, constructive manner. • Complete specific assignments and exams when specified and in a professional manner. • Utilize learned technologies for class assignments. • Connect content knowledge from core courses to practical training placement and activities. | |
Academic Integrity: | At a Christian liberal arts university committed to the pursuit of truth and understanding, any act of academic dishonesty is especially distressing and cannot be tolerated. In general, academic dishonesty involves the abuse and misuse of information or people to gain an undeserved academic advantage or evaluation. The common forms of academic dishonesty include:
Plagiarism includes copying and pasting material from the internet into assignments without properly citing the source of the material. Episodes of academic dishonesty are reported to the Vice President for Academic Affairs. The potential penalty for academic dishonesty includes a failing grade on a particular assignment, a failing grade for the entire course, or charges against the student with the appropriate disciplinary body. | |
Attendance Policy: | When any student has exceeded 20% of the time prescribed for any class, that student will be automatically dropped from that particular class with the grade of “F.” This grade is placed on the official transcript of the student and is treated as a failing grade in calculating the grade point average. The definition of a class absence is a student’s failure to attend class for any reason. Instructors may count three times tardy or leaving early to be equal to one class absence. There are no excused absences, regardless of the reason for the class having been missed. However, faculty will make reasonable provisions to allow students to make up work if the absence is due to a university-sponsored function or a medical or family emergency that is documented in a timely manner. Allowance for students to make up work for other reasons is at each instructor’s discretion. A class absence does not excuse the student from being responsible for course work missed; the student is responsible for contacting the faculty member in order to make up class assignments. The Vice President for Academic Affairs is the authorized agent to consider any exceptions to the above regulations. (Undergraduate Catalog) Residency Attendance: Each student must be in attendance for the entire duration of the required residency weekend. Late arrivals and/or early departures are not permitted. Punctuality is important as each student is required to have the documented in-seat time per USCIS regulations. If a student is not in attendance for the full session, he/she will be counted absent for the entire session, and receive an automatic “F” and will be required to pay the $300.00 make-up fee and attend a residency make-up session. | |
Disability Accommodations: | University of the Cumberlands accepts students with certified disabilities and provides reasonable accommodations for their certified needs in the classroom, in housing, in food service or in other areas. For accommodations to be awarded, a student must submit a completed Accommodations Application form and provide documentation of the disability to the Disability Services Coordinator (Mr. Jacob Ratliff, Boswell Campus Center, Student Services Office Suite, [email protected]). When all paperwork is on file, a meeting between the student and the Coordinator will be arranged to discuss possible accommodations before accommodations are formally approved. Students must then meet with the Coordinator at the beginning of each semester before any academic accommodations can be certified for that term. Certifications for other accommodations are normally reviewed annually. | |
Student Responsibilities: |
| |
Deadlines and Dues Dates: | Recognizing that a large part of professional life is meeting deadlines, it is necessary to develop time management and organizational skills. Failure to meet the course deadlines may result in penalties. Keep in mind that all deadlines are set using Eastern Standard Time (EST). Discussion Questions Weekly discussions cannot be made up in future weeks. Discussions must be posted during the assigned week to earn points as weekly participation.
Quizzes and Exams There is one quiz and two exams in class. They must be taken during the time allowed and during the weeks assigned. If the student has strenuous circumstances why the quiz or exam cannot taken, the student must provide reliable excuses and proof from doctors, hospitals, police, funeral homes, etc. Written Papers Written papers are due on Sunday of the assigned week. Late papers will NOT be accepted, per UC policies. There are times, however, that students have the best intentions to submit timely, but extreme circumstances get on the way. In this case, excuses for late assignments due to strenuous circumstances need proof from doctors, hospitals, police, funeral homes, etc. In addition to deductions for content, late papers will incur a 10% penalty each week the assignment is late. | |
Writing Expectations: | Learning outcomes for candidates’ writing competencies include clarity of thought, discernment in planning and organization, and integration of evidence and criteria.
| |
Participation Policy: | Study after study has linked successful academic performance with good class participation. Those who assume positions of responsibility must “show up” in order to be effective. Therefore, students are expected to actively participate in intelligent discussion of assigned topics in all areas (Discussion Board Activities, Synchronous Sessions, Forums, Shared Papers, etc.) to help process course material and/or to demonstrate understanding of course content. Point adjustments will be taken for non-participation. | |
Academic Appeals: | Both undergraduate and graduate students have the right to challenge a grade. If discussions with the course instructor and department chair do not lead to a satisfactory conclusion, students may file a formal written appeal with the Vice President for Academic Affairs, who will forward the appeal to the chair of the Academic Appeals Committee. This formal written appeal must be filed by the end of the 4th week of classes in the next regular term following the term in which the course in question was taken. The Academic Appeals Committee then gathers information from the student, the instructor, and any other relevant parties. The Committee will deliver its recommendation on the complaint to the Vice President for Academic Affairs. After reviewing this recommendation and concurring or amending it, the Vice President for Academic Affairs will inform the student and instructor of the disposition of the complaint no later than the last day of classes of the term in which the complaint was filed. Records of all actions regarding academic grade appeals, including their final disposition, are maintained by the Vice President for Academic Affairs and the Academic Appeals Committee. (Undergraduate Catalog/Graduate Catalog) | |
Links to Support: | Orientation to I-Learn: Student training course on I-Learn, https://ucumberlands.blackboard.com/webapps/portal/frameset.jsp Book Store: http://cumber.bncollege.com/webapp/wcs/stores/servlet/BNCBHomePage?storeId=50059&catalogId=10001&langId=-1 Library: http://www.ucumberlands.edu/library/ | |
Course Assignments and Evaluation | ||
Evaluation Method: | Graded work will receive a numeric score reflecting the quality of performance. Relative weights assigned to graded work are as follows: | |
Course Evaluation | Students will be evaluated on:
| |
Grading Scale: | Graded work will receive a numeric score reflecting the quality of performance as given above in evaluation methods. The overall course grade will be determined according to the following scale: A= 90 – 100 (90% - 100%) B= 80 – 89 (80% - 89%) C = 70 – 79 (70% - 79%) F < 69 (Below 69%) |
Syllabus Disclaimer:
This syllabus is intended as a set of guidelines for this course and the professor reserves the right to make modifications in content, schedule, and requirements as necessary to promote the best education possible within conditions affecting this course. Any changes to the syllabus will be discussed with the students.
Course Expectations
Grading Category | Activity Title |
Lesson 1: IT Security Policies | |
Required Readings |
|
Discussion | Trust and Policy Management (5 points) |
Lesson 2: IT Security Seven Domains | |
Required Readings |
|
Discussion | Information Security Program (5 points) |
Lesson 3: Policies and Frameworks | |
Required Readings |
|
Project | Executive Program Practical Connection Assignment (Required -5 points) |
Lesson 4: Course Review and Midterm | |
Required Readings |
|
Midterm Test | Midterm (34 questions – 15 points) |
Lesson 5: User Domain and IT Infrastructure | |
Required Readings |
|
Case | California OCIO Case Study (15 points) |
Lesson 6: Data Classification, IRTs, and Policy Implementation | |
Required Readings |
|
Case | Enterprise Information Systems Security: A Case Study in the Banking Sector (20 points) |
Lesson 7: Policy Enforcement and IT Compliance | |
Required Readings |
|
Quiz | Chapters 8-10 (10 questions – 5 points) |
Course Review and Final Examination | |
Exam (30 points) | Final Examination (58 questions – 30 points) |
7