About this course: This course intends to make the student familiar with information security management. When you have finished with this course you will know more about: • Governance: including the mission, roles and responsibilities of the InfoSec governance function, and the strategic planning process and InfoSec’s role in the organization’s strategic planning effort. • You will understand the various types of InfoSec policies and how effective information security policy is created and used. • Risk management and the risk management process • Certain laws and ethical issues impacting information security in the organization. And some common information security management practices such as benchmarking and performance measures.

Who is this class for: This course is targeted at those who do not have practical knowledge of information security management bu who might be interested to know what is included in this are of business operation.

Created by: University System of Georgia

Taught by: Dr. Humayun Zafar, Associate Professor of Information Security and Assurance
Information Systems
Taught by: Dr. Traci Carte, Associate Professor Chair, Information Systems
Information Systems
Taught by: Herbert J. Mattord, Ph.D., CISM, CISSP, CDP, Associate Professor in Information Security and Assurance
Information Systems
Taught by: Mr. Andy Green, Lecturer of Information Security and Assurance
Kennesaw State University - Department of Information Systems
Taught by: Michael Whitman, Ph.D., CISM, CISSP, Professor of Information Security
Information Systems

Basic Info	Course 4 of 4 in the Cybersecurity: Developing a Program for Your Business Specialization
Level	Beginner
Language	English
How To Pass	Pass all graded assignments to complete the course.
User Ratings	4.6 stars Average User Rating 4.6See what learners said

Syllabus

WEEK 1

Welcome to the Management of Information Security

This module provides a welcome to the course and describes the course modules that follow. The lecture and reading will introduce you to the broad topic of security management and establish the basic terminology needed for later modules. Also, you will begin learning about the case company that you will use in an extended simulation that spans the rest of this course as you build on your learning by engaging in real world analysis and reporting on cybersecurity topics.

2 videos, 2 readings, 1 practice quiz

Video: An overview of this course
Video: Welcome to security Management
Reading: What is security management?
Practice Quiz: Pretest: Test your knowledge before you begin
Discussion Prompt: What is cybersecurity?
Reading: Capstone Project: Getting started
Peer Review: Capstone Project: Getting started

WEEK 2

Governance and Strategic Planning in Information Security

In this module, you will explore how organizations organize the cybersecurity function and engage in strategic planning. This will include coverage of where the information security management team is placed in the organizational hierarchy, what functions does the CSO of an organization fulfill, as well as some explanation of the strategic planning function.You will also develop a simulated organizational plan in a report to executive management as part of the ongoing case study.

2 videos, 4 readings, 1 practice quiz

Video: How organizations are governed
Reading: How organizations structure the security function
Discussion Prompt: Where does the security management team belong?
Reading: What does the CSO do?
Reading: How organizations make strategic plans for security
Video: Executive viewpoint on governance in cybersecurity
Practice Quiz: Governance and strategic planning in information security practice quiz
Reading: Capstone Project: Organizing for cybersecurity
Peer Review: Capstone Project: Organizing for cybersecurity

Graded: Governance and strategic planning in information security quiz

WEEK 3

Risk Management

This module will define risk management and explore the processes used by organizations to identify and control risk. This will include basic techniques used to identify and assess risk as well as exploration of the risk control strategies that can be used to help control risk. You will also experiment with reading an industry standard risk report that you will summarize and analyze as you assess operational risk for higher management as part of the ongoing case-based project.

3 videos, 5 readings, 1 practice quiz

Reading: An overview of the risk management process
Video: The risk identification process
Video: The risk assessment process
Reading: More on identifying and assessing risk
Reading: Determining risk control strategies
Reading: Methods used to implement risk management
Video: Executive viewpoint on risk management methodology
Discussion Prompt: Selecting a risk management methodology
Practice Quiz: Risk management practice quiz
Reading: Capstone Project: Identifying risks
Peer Review: Capstone Project: Identifying risks

Graded: Risk management quiz

WEEK 4

Regulatory Compliance, Law and Ethics

In this module you will learn about how organizations must manage the complex issues emerging from the rapidly changing legal and regulatory environment. It will include a short overview of the laws and regulations you should plan to learn about as well as an introduction to how ethics is encountered in the workplace. Then you will engage on a discussion on compliance with industry standards and governmental regulation as a means to move closer to a more secure work environment. As part of the ongoing case study you will be asked to advise management on an ethical dilemma currently facing some of the management team at CHI.

2 videos, 4 readings, 1 practice quiz

Video: An introduction to law, ethics, and compliance
Reading: The legal landscape of cybersecurity
Reading: Workplace ethics
Discussion Prompt: Are ethics important on the job?
Reading: Common processes in cybersecurity programs
Discussion Prompt: Is compliance with the regulations enough to have good security?
Video: Executives viewpoint on implementing compliance programs
Practice Quiz: Regulations, law, ethics, and compliance practice quiz
Reading: Capstone Project: Ethical decision making
Peer Review: Capstone Project: Ethical decision making

Graded: Regulations, law, ethics, and compliance

WEEK 5

Security Programs

This module explores some of the other important elements commonly found in information security management programs. While you will not cover every security management topic, you will explore performance measurement, managing technical controls, and contingency planning. Then, you will assess and report on the proposed incident response plans of the simulated company as part of the ongoing case study.

1 video, 3 readings, 1 practice quiz

Video: Measuring performance
Reading: Managing technical controls
Discussion Prompt: What is the most urgent technical control?
Reading: Contigency planning including incident response
Practice Quiz: Security programs practice quiz
Reading: Capstone Project: Assessing an incident response plan
Peer Review: Capstone Project: Assessing an incident response plan

Graded: Security programs

WEEK 6

Conclusion

In this module, you will synthesize the content in the course, complete a final exam, and complete your Capstone Project.

2 videos, 1 reading

Video: Executive viewpoint on the importance of cybersecurity
Video: Pulling it all together
Reading: Capstone Project: Completion Report

Graded: Final Exam

Graded: Capstone Project: Completion Report

FAQs

When will I have access to the lectures and assignments?

What if I need additional time to complete the course?

What is the refund policy?

How It Works

Coursework

Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.

Help from Your Peers

Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.

Certificates

Earn official recognition for your work, and share your success with friends, colleagues, and employers.

Creators

University System of Georgia

The University System of Georgia is composed of 28 higher education institutions including 4 research universities, 2 regional universities, 12 state universities, 13 state colleges and the Skidaway Institute of Oceanography. The Georgia Public Library System, encompassing 61 library systems throughout Georgia, is also part of the University System.

Pricing

	Purchase Course	Audit
Access to course materials	Available	Available
Access to graded materials	Available	Not available
Receive a final grade	Available	Not available
Earn a shareable Course Certificate	Available	Not available

Ratings and Reviews

Rated 4.6 out of 5 of 17 ratings

Simple but effective

Great course. Provides a great hands on insight and experience with Cybersecurity

Thank you!

Right level of content, relevant exercises.

The Business of Cybersecurity Capstone

The Business of Cybersecurity Capstone

The Business of Cybersecurity Capstone