Apply to USF Now | Graduate Admissions | Events & Workshops | Giving to the Office of Graduate Studies

Graduate Course Proposal Form Submission Detail - ISM6xxx

(password required)

Current Status: -
Campus: Tampa
Submission Type: New
Course Change Information (for course changes only):

  1. Department and Contact Information

    Tracking Number Date & Time Submitted
    4835 2013-10-21
    Department College Budget Account Number
    Information Systems and Decision Sciences BA 1407000
    Contact Person Phone Email
    Balaji Padmanabhan 9746763

  2. Course Information

    Prefix Number Full Title

    Is the course title variable? Y
    Is a permit required for registration? Y
    Are the credit hours variable? N
    Is this course repeatable? Y
    If repeatable, how many times? 2

    Credit Hours Section Type Grading Option
    3 C - Class Lecture (Primarily) R - Regular
    Abbreviated Title (30 characters maximum)
    Bus Cont. & Disaster Recovery
    Course Online? Percentage Online
    B - Face-to-face and online (separate sections) 0





    Course Description

    The goal of the course is to introduce decision making and risk assessment skills to respond effectively to disasters affecting our critical infrastructure. Students will learn to apply these concepts to business continuity and disaster recovery planning.

  3. Justification

    A. Please briefly explain why it is necessary and/or desirable to add this course.

    Needed for new program/concentration/certificate

    B. What is the need or demand for this course? (Indicate if this course is part of a required sequence in the major.) What other programs would this course service?

    Cybersecurity programs are in high demand in the US. This course is part of the proposed new MS in Cybersecurity at USF.

    This course has been formally voted on and approved as a permanent course by:

    (1) The Information Systems & Decision Sciences Department at the College of Business

    (2) By the USF College of Business Graduate Policy Committee

    C. Has this course been offered as Selected Topics/Experimental Topics course? If yes, how many times?


    D. What qualifications for training and/or experience are necessary to teach this course? (List minimum qualifications for the instructor.)

    A PhD in a field related to Information Systems & Decision Sciences. Research or teaching experience in decision analysis and decision making related areas is also required.

  4. Other Course Information

    A. Objectives

    1. To introduce important decision making frameworks.

    2. To introduce risk assessment frameworks.

    3. To make students aware of common decision impediments while analyzing risks.

    4. To enable students to plan and develop business continuity plans for critical infrastructures.

    5. To enable students to plan and develop disaster recovery plans for critical infrastructures.

    B. Learning Outcomes

    1. Students will demonstrate an understanding of common decision-making frameworks.

    2. Students will demonstrate an understanding of common risk-assessment frameworks.

    3. Students will have the ability to plan for business continuity

    4. Students will have the ability to plan for disaster recovery

    C. Major Topics

    Defining Decision Problems

    Evaluating choices

    Decision analysis

    Decision modeling

    Uncertainty and judgment

    Decision Making under Time Pressure and High Risk

    Business continuity and disaster recovery (BC & DR) overview

    Risk Assessment and Mitigation strategies

    BC and DR plan preparation

    BC and DR plan testing and maintenance

    D. Textbooks

    (1) Susan Snedaker, Business Continuity & Disaster Recovery planning for IT Professionals (2nd Ed.), (Oct. 8, 2013), Syngress, ISBN-10: 0124105262,

    (2) David C. Skinner, Introduction to Decision Analysis (3rd Edition), (Mar 9, 2009), ISBN-10: 0964793865, Probabilistic Publishing

    (3) John Hammond, Ralph Keeney, Howard Raiffa, Smart Choices: A Practical Guide to Making Better Decisions, (Mar. 5, 2002), ISBN-10: 0767908864, Crown Business

    E. Course Readings, Online Resources, and Other Purchases

    (1) Keeney R. et. al, Assessing the value of an LNG terminal

    (2) Smith C. and Borgonovo E., “Decision making during nuclear power plant incidents – A new approach to the evaluation of precursor events, Risk Analysis 2007 27:1027-42

    (3) Camerer C. and Kunreuther, H., Decision processes for low probability events: Policy implications, Journal of Policy analysis and management, September 1989

    (4) Flynn, J., Slovic P. and Mertz C.K., The Nevada initiative: A risk communication fiasco, Risk analysis, 1993 (13) 497-502

    (5) A M Finkel, Toward less misleading comparisons of uncertain risks: the example of aflatoxin and alar, Environmental Health Perspectives. 1995 April; 103(4): 376–385.

    (6) M.-Elisabeth Paté-Cornell and Paul S. Fischbeck, Risk Management for the Tiles of the Space Shuttle, Interfaces, 24 (1), Jan. - Feb., 1994, pp. 64-86

    (7) Cohen, Izack, Improving Time-Critical Decision Making in Life-Threatening Situations: Observations and Insights, Decision Analysis; 2008 (5),100-110.

    (8) Weick, Karl E. The collapse of sensemaking in organizations: The Mann Gulch disaster, Administrative Science Quarterly; (1993) 38.4 628-652.

    F. Student Expectations/Requirements and Grading Policy

    Exam 25%

    Assignments 25%

    BC and DR plan 40%

    Design presentation 10%

    Grading policy:

    93-100: A+











    < 57:F

    G. Assignments, Exams and Tests

    Disaster Recovery Plan Assignment

    1. The Executive Summary (pages ES-1 & ES-2), and Chapters 1 and 2 (pages 1-13) [Note: in Acrobat these are pages 11-25] of the Contingency Planning Guide for Information Technology Systems from the National Institute of Standards and Technology, 2002.

    2. Review the KPMG Checklist for Business Recovery, in particular the list under “Technology/Management”

    3. “Governing Information Technology Risk”, by Parent and Reich, California Management Review, 2009.

    Read the material on contingency planning, disaster recovery plans, and governing risk to prepare yourself for this assignment, in which you will develop a disaster recovery plan. Disaster recovery plans typically include this content:

    • identification of the most critical systems

    • impact analysis of systems outage, with maximum amount of time the organization can survive with systems down

    • risk assessment of probability of disasters

    • identification of mission-critical systems, their files and location of backups

    • action plan for handling mission-critical systems in the event of an outage

    • procedures to follow during and after a disaster (recovery)

    • schedule for testing the disaster recovery plan

    • evidence of management support and funding for disaster recovery planning

    Use the description of an organization provided to you for this assignment. Use the description to (a) describe the process you would use in this organization to develop and deploy the disaster recovery plan, and (b) develop the plan for the organization (e.g., systems you know are mission-critical, the backup procedures that are needed).

    Final Exam 25%

    Assignments for the individual modules 25%

    Presentation: 10%

    H. Attendance Policy

    Course Attendance at First Class Meeting – Policy for Graduate Students: For structured courses, 6000 and above, the College/Campus Dean will set the first-day class attendance requirement. Check with the College for specific information. This policy is not applicable to courses in the following categories: Educational Outreach, Open University (TV), FEEDS Program, Community Experiential Learning (CEL), Cooperative Education Training, and courses that do not have regularly scheduled meeting days/times (such as, directed reading/research or study, individual research, thesis, dissertation, internship, practica, etc.). Students are responsible for dropping undesired courses in these categories by the 5th day of classes to avoid fee liability and academic penalty. (See USF Regulation – Registration - 4.0101,

    Attendance Policy for the Observance of Religious Days by Students: In accordance with Sections 1006.53 and 1001.74(10)(g) Florida Statutes and Board of Governors Regulation 6C-6.0115, the University of South Florida (University/USF) has established the following policy regarding religious observances: (

    In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. It’s the responsibility of the student to monitor Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.

    I. Policy on Make-up Work

    Make up for any missed assignments or exam will only be provided in documented medical or other emergencies. Students should inform the instructor ahead of time where reasonably possible.

    The policy of the University of South Florida on academic dishonesty states:

    Each individual is expected to earn his or her degree on the basis of personal effort. Consequently, any form of cheating on examinations or plagiarism on assigned papers constitutes unacceptable deceit and dishonesty. This cannot be tolerated in the university community and will be punishable, according to the seriousness of the offense, in conformity with this rule.

    Cheating is defined as follows:

    (a) the unauthorized granting or receiving of aid during the prescribed period of a course-graded exercise: students may not consult written materials such as notes or books, may not look at the paper of another student, nor consult orally with any other student taking the same test;

    (b) asking another person to take an examination in his or her place;

    (c) taking an examination for or in place of another student;

    (d) stealing visual concepts, such as drawings, sketches, diagrams, musical programs and scores, graphs, maps, etc. and presenting them as one's own;

    (e) stealing, borrowing, buying, or disseminating tests, answer keys or other examination material except as officially authorized, research papers, creative papers, speeches, etc.;

    (f) stealing or copying of computer programs and presenting them as one's own.

    In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Canvas, Elluminate, Skype, and email messaging and/or an alternate schedule. It’s the responsibility of the student to monitor the course site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.


    Students who anticipate being late for any deliverable due to religious observance should inform the instructor by the end of the first week of class.

    A student who does not submit a deliverable on time may be penalized up to the entire points unless he/she has documented proof of a medical emergency or explicit permission of the instructor.

    Students may not re-distribute any class material of the class in any outside forum without approval of the instructor.

    J. Program This Course Supports

    Proposed new MS in Cybersecurity

  5. Course Concurrence Information

    This course can also serve as an elective for the MS in Management Information Systems.

- if you have questions about any of these fields, please contact or