ISSC481 IT Security: Planning and Policy (3 semester hours)

This course examines the principles of security planning and policy; it offers a holistic approach to cybersecurity for an organization. It focuses on a variety of security guidelines, policies and plans (security requirements, internal users, external users, operational costs, geography, capacity plan, growth plan, business organization, business scenarios, business factors, business processes, business functions, business products, product life cycle, technical factors, roles and responsibilities, and organizational authority). This course addresses physical security, authentication, network security, encryption, software development, email, Internet, acceptable use, acceptable speech, and viruses/worms. It also covers the need for actionable and maintainable policies and the need for periodic audits of policies and configurations.