Graduate Studies Reports Access

Graduate Course Proposal Form Submission Detail - ISM6328
Tracking Number - 2417

Edit function not enabled for this course.

Current Status: Approved, Permanent Archive - 2011-07-20
Campus: Tampa
Submission Type: New
Course Change Information (for course changes only):
Comments: to gc 5/10/11; desc needs rev. confirm concurrence - emailed 6/28/11. cleared 6/29/11; GC approved 7/5/11. To USF Syst 7/5/11; to SCNS 7/13/11. SCNS apprd Effect 8/1/11

Detail Information

  1. Date & Time Submitted: 2010-12-02
  2. Department: Information Systems and Decision Sciences
  3. College: BA
  4. Budget Account Number: 0001407000
  5. Contact Person: Kaushal Chari
  6. Phone: 8139746768
  7. Email:
  8. Prefix: ISM
  9. Number: 6328
  10. Full Title: Information Security & Risk Management
  11. Credit Hours: 3
  12. Section Type: C - Class Lecture (Primarily)
  13. Is the course title variable?: N
  14. Is a permit required for registration?: N
  15. Are the credit hours variable?: N
  16. Is this course repeatable?:
  17. If repeatable, how many times?: 0
  18. Abbreviated Title (30 characters maximum): Info Sec & Risk Mgmt
  19. Course Online?: C - Face-to-face (0% online)
  20. Percentage Online: 0
  21. Grading Option: R - Regular
  22. Prerequisites: None
  23. Corequisites:
  24. Course Description: Introduction of frameworks to assess IT risk and implement IT general controls; development of technical skills to secure computer networks.

  25. Please briefly explain why it is necessary and/or desirable to add this course: Replacing Selected Topics with Permanent number; already listed in program
  26. What is the need or demand for this course? (Indicate if this course is part of a required sequence in the major.) What other programs would this course service? This course has been offered three times in the past. Enrolment figures from the three offerings are shown below.

    Summer 2010: 26

    Summer 2009: 19

    Summer 2008: 33

  27. Has this course been offered as Selected Topics/Experimental Topics course? If yes, how many times? Yes, 3 or more times
  28. What qualifications for training and/or experience are necessary to teach this course? (List minimum qualifications for the instructor.) Ability to support computer lab environment for students. A doctorate in Business/MIS/CS.
  29. Objectives: Objectives:

    1. To introduce the importance of information security and related business concern.

    2. To make students aware of the major categories of information security threats.

    3. To make students aware of the common information security controls.

    4. To enable students to implement the basic information security controls.

    5. To introduce students to the important legal provisions regarding information security.

    6. To make students aware of the methodological implications for information security arising from these legal provisions.

    7. To provide students with an understanding of the standard methodologies for complying with legal requirements for IT general controls.

    8. To provide basic understanding of IT risk management in organizations.

  30. Learning Outcomes: Learning Outcomes

    1. Students will demonstrate an understanding of security concerns and issues in organizations.

    2. Students will have the ability to identify major categories of information security threat.

    3. Students will have the ability to apply various kinds of controls to counter common threats.

    4. Students will have the ability to apply best practices related to IT controls to comply with legal requirements.

    5. Students will have the ability to provide solutions to mitigate IT risks.

  31. Major Topics: The current topics are as follows:

    introduction - Why information security is important, common attacks, security perspectives

    Introduction to computer networking - OSI model, IP addresses, TCP ports, DNS – Wireshark

    Introduction to computer system administration

    Introduction and use of security tools such as firewall, intrusion detection, vulnerability detection


    Software errors

    Introduction to COBIT and IT general controls for Sarbanes Oxley

    Introduction to IT risk management

  32. Textbooks: The course currently uses instructor’s notes
  33. Course Readings, Online Resources, and Other Purchases: There are no purchases. All notes are available on Blackboard.
  34. Student Expectations/Requirements and Grading Policy: Student Expectations/requirements and Grading Policy with Percentages (e.g. 2 Exams and 1 Paper, each work 33%):

    The current deliverables and grading policy is shown in the table below. Students are allowed to work in groups of up to two students for group projects.

    Table 1: Grading policy

    Item Weight Performance Item Weight Performance

    Exam 20% Individual Intrusion detection 05% Group

    Readings 10% Individual Scripting 05% Group

    Narrative report 10% Group UNIX STIG 10% Group

    Vimtutor 05% Individual Software error 05% Group

    What they know 05% Group Business plan 05% Group

    Vulnerability assessment 05% Group IT controls 05% Group

    * 10% of the grade on each deliverable will reflect attention to detail

  35. Assignments, Exams and Tests: These are shown in the Table above.
  36. Attendance Policy: Course Attendance at First Class Meeting – Policy for Graduate Students: For structured courses, 6000 and above, the College/Campus Dean will set the first-day class attendance requirement. Check with the College for specific information. This policy is not applicable to courses in the following categories: Educational Outreach, Open University (TV), FEEDS Program, Community Experiential Learning (CEL), Cooperative Education Training, and courses that do not have regularly scheduled meeting days/times (such as, directed reading/research or study, individual research, thesis, dissertation, internship, practica, etc.). Students are responsible for dropping undesired courses in these categories by the 5th day of classes to avoid fee liability and academic penalty. (See USF Regulation – Registration - 4.0101,

    Attendance Policy for the Observance of Religious Days by Students: In accordance with Sections 1006.53 and 1001.74(10)(g) Florida Statutes and Board of Governors Regulation 6C-6.0115, the University of South Florida (University/USF) has established the following policy regarding religious observances: (

    In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. It’s the responsibility of the student to monitor Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.

  37. Policy on Make-up Work: Make ups are allowed only on two grounds: (1) medical emergencies in the immediate family and (2) work-related situations. Some form of documentation is required as evidence of the situation. Exemptions on religious grounds are provided as specified in university procedures.
  38. Program This Course Supports: MS/MIS
  39. Course Concurrence Information: Masters in Accountancy track on auditing

- if you have questions about any of these fields, please contact or