Graduate Course Proposal Form Submission Detail - ISM6328
Edit function not enabled for this course.
Approved, Permanent Archive
Submission Type: New
Course Change Information (for course changes only):
Comments: to gc 5/10/11; desc needs rev. confirm concurrence - emailed 6/28/11. cleared 6/29/11; GC approved 7/5/11. To USF Syst 7/5/11; to SCNS 7/13/11. SCNS apprd Effect 8/1/11
- Department and Contact Information
Tracking Number Date & Time Submitted 2417 2010-12-02 Department College Budget Account Number Information Systems and Decision Sciences BA 0001407000 Contact Person Phone Kaushal Chari 8139746768 firstname.lastname@example.org
- Course Information
Prefix Number Full Title ISM 6328 Information Security & Risk Management Is the course title variable? N Is a permit required for registration? N Are the credit hours variable? N Is this course repeatable? If repeatable, how many times? 0 Credit Hours Section Type Grading Option 3 C - Class Lecture (Primarily) R - Regular Abbreviated Title (30 characters maximum) Info Sec & Risk Mgmt Course Online? Percentage Online C - Face-to-face (0% online) 0
Introduction of frameworks to assess IT risk and implement IT general controls; development of technical skills to secure computer networks.
A. Please briefly explain why it is necessary and/or desirable to add this course.
Replacing Selected Topics with Permanent number; already listed in program
B. What is the need or demand for this course? (Indicate if this course is part of a required sequence in the major.) What other programs would this course service?
This course has been offered three times in the past. Enrolment figures from the three offerings are shown below.
Summer 2010: 26
Summer 2009: 19
Summer 2008: 33
C. Has this course been offered as Selected Topics/Experimental Topics course? If yes, how many times?
Yes, 3 or more times
D. What qualifications for training and/or experience are necessary to teach this course? (List minimum qualifications for the instructor.)
Ability to support computer lab environment for students. A doctorate in Business/MIS/CS.
- Other Course Information
1. To introduce the importance of information security and related business concern.
2. To make students aware of the major categories of information security threats.
3. To make students aware of the common information security controls.
4. To enable students to implement the basic information security controls.
5. To introduce students to the important legal provisions regarding information security.
6. To make students aware of the methodological implications for information security arising from these legal provisions.
7. To provide students with an understanding of the standard methodologies for complying with legal requirements for IT general controls.
8. To provide basic understanding of IT risk management in organizations.
B. Learning Outcomes
1. Students will demonstrate an understanding of security concerns and issues in organizations.
2. Students will have the ability to identify major categories of information security threat.
3. Students will have the ability to apply various kinds of controls to counter common threats.
4. Students will have the ability to apply best practices related to IT controls to comply with legal requirements.
5. Students will have the ability to provide solutions to mitigate IT risks.
C. Major Topics
The current topics are as follows:
introduction - Why information security is important, common attacks, security perspectives
Introduction to computer networking - OSI model, IP addresses, TCP ports, DNS – Wireshark
Introduction to computer system administration
Introduction and use of security tools such as firewall, intrusion detection, vulnerability detection
Introduction to COBIT and IT general controls for Sarbanes Oxley
Introduction to IT risk management
The course currently uses instructor’s notes
E. Course Readings, Online Resources, and Other Purchases
There are no purchases. All notes are available on Blackboard.
F. Student Expectations/Requirements and Grading Policy
Student Expectations/requirements and Grading Policy with Percentages (e.g. 2 Exams and 1 Paper, each work 33%):
The current deliverables and grading policy is shown in the table below. Students are allowed to work in groups of up to two students for group projects.
Table 1: Grading policy
Item Weight Performance Item Weight Performance
Exam 20% Individual Intrusion detection 05% Group
Readings 10% Individual Scripting 05% Group
Narrative report 10% Group UNIX STIG 10% Group
Vimtutor 05% Individual Software error 05% Group
What they know 05% Group Business plan 05% Group
Vulnerability assessment 05% Group IT controls 05% Group
* 10% of the grade on each deliverable will reflect attention to detail
G. Assignments, Exams and Tests
These are shown in the Table above.
H. Attendance Policy
Course Attendance at First Class Meeting – Policy for Graduate Students: For structured courses, 6000 and above, the College/Campus Dean will set the first-day class attendance requirement. Check with the College for specific information. This policy is not applicable to courses in the following categories: Educational Outreach, Open University (TV), FEEDS Program, Community Experiential Learning (CEL), Cooperative Education Training, and courses that do not have regularly scheduled meeting days/times (such as, directed reading/research or study, individual research, thesis, dissertation, internship, practica, etc.). Students are responsible for dropping undesired courses in these categories by the 5th day of classes to avoid fee liability and academic penalty. (See USF Regulation – Registration - 4.0101,
Attendance Policy for the Observance of Religious Days by Students: In accordance with Sections 1006.53 and 1001.74(10)(g) Florida Statutes and Board of Governors Regulation 6C-6.0115, the University of South Florida (University/USF) has established the following policy regarding religious observances: (http://usfweb2.usf.edu/usfgc/gc_pp/acadaf/gc10-045.htm)
In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. It’s the responsibility of the student to monitor Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.
I. Policy on Make-up Work
Make ups are allowed only on two grounds: (1) medical emergencies in the immediate family and (2) work-related situations. Some form of documentation is required as evidence of the situation. Exemptions on religious grounds are provided as specified in university procedures.
J. Program This Course Supports
- Course Concurrence Information
Masters in Accountancy track on auditing