CIS8018 Information Security for Managers

Subject: CIS
Cat-nbr: 8018
Class: 90139
Term: 2, 2009
Mode: EXT
Description: Information Security for Managers
Units: 1.00
Campus: Toowoomba

Academic group: FOBUS
Academic org: FOB005
Student contribution band: 2
ASCED code: 029901





STAFFING

Examiner: Jianming Yong
Moderator: Michael Lane



OTHER REQUISITES

Students are required to have access to a personal computer, e-mail capabilities and Internet access to UConnect. Current details of computer requirements can be found at <http://www.usq.edu.au/ict/students/standards/default.htm>.



SYNOPSIS

This course examines the security concerns and problems resulting from the increased reliance on information technology to enhance business functions. There is an urgent need for management and professionals to have an in-depth understanding of the threats information and communication systems face and the controls or countermeasures that can prevent or limit their devastating effects. This course assists you to recognise the threats and vulnerabilities. Furthermore, this course addresses how to design and develop secure computing systems. This course focuses on information security management, including planning for security, security policy, security management models and practices, risk management, protection mechanisms, security and personnel, law and ethics, and information security project management.




OBJECTIVES

On successful completion of this course, students should be able to:

1. discuss the major security concerns and identify important legal issues impacting upon information security
2. plan security for information systems
3. plan business continuity
4. understand information security policy
5. develop the security program for an organisation
6. understand security management models and practices
7. understand risk management
8. demonstrate a sound knowledge of protection mechanisms for information systems
9. understand the relationships between security and personnel, between security and law, between security and ethics
10. properly apply security principles into information security project management.



TOPICS


Description                                                Weighting (%)
1. Introduction to the management of information security  5.00
2. Planning security                                       10.00
3. Information security policy                             10.00
4. Developing the security program                         10.00
5. Security management models and practices                10.00
6. Risk management                                         20.00
7. Protection mechanism                                    15.00
8. Personnel and security                                  5.00
9. Security, law and ethics                                5.00
10. Information security project management                10.00


TEXT and MATERIALS required to be PURCHASED or accessed

ALL textbooks and materials are available for purchase from USQ BOOKSHOP (unless otherwise stated). Orders may be placed via secure internet, free fax 1800642453, phone 07 46312742 (within Australia), or mail. Overseas students should fax +61 7 46311743, or phone +61 7 46312742. For costs, further details, and internet ordering, use the 'Textbook Search' facility at http://bookshop.usq.edu.au click 'Semester', then enter your 'Course Code' (no spaces).

Summers, J & Smith, B 2006, Communication skills handbook: how to succeed in written and oral communication, 2nd edn, John Wiley & Sons, Milton, Queensland.

Whitman, ME & Mattord, HJ 2007, Management of information security, 2nd edn, Thomson Course Technology, Boston, Massachusetts.

Whitman, ME & Mattord, HJ 2006, Readings and cases in the management of information security, Thomson Course Technology, Boston, Massachusetts.




REFERENCE MATERIALS

Reference materials are materials that, if accessed by students, may improve their knowledge and understanding of the material in the course and enrich their learning experience.

Ellison, C & Schneier, B 2000, Risks of PKI: e-commerce, Communications of the ACM, vol. 43, no. 2 (Available: http://www.acm.org/pubs/articles/journals/cacm/2000-43-2/p152-ellison/p152-ellison.pdf).

Ford, W & Baum, MS 2001, Secure electronic commerce: building the infrastructure for digital signatures and encryption, 2nd edn, Prentice Hall, Upper Saddle River, New Jersey.

Ghosh, AK 2001, Security and privacy for e-business, John Wiley & Sons, New York.

Ghosh, AK 1998, E-commerce security: weak links, best defenses, John Wiley & Sons, New York.

Greenstein, M & Vasarhelyi, M 2002, Electronic commerce: security, risk management and control, 2nd edn, McGraw-Hill, Boston, Massachusetts.

Miyazaki, AD & Fernandez, A 2000, Journal of Public Policy and Marketing, vol. 19, no. 1, Spring 2000 (Available: Full-text EbscoHost Academic Search Premier AN 3215143).

Neumann, PG 2000, SRI-report for the US Army Research Laboratory (Available: http://www.csl.sri.com/papers/arl-one/).

Panko, RR 2004, Corporate computer and network security, international edn, Pearson Education, New York.

Schneider, GP 2007, Electronic commerce, 7th edn, Thomson Course Technology, Boston, Massachusetts.

Standing, C & Benson, S 2000, Information Infrastructure and Policy, vol. 6, no. 4 (Available: Full-text EbscoHost Professional Development Collection AN 4055720).




STUDENT WORKLOAD REQUIREMENTS

ACTIVITY HOURS
Directed Study 165.00



ASSESSMENT DETAILS

Description         Marks out of  Wtg (%)  Due date     Objectives assessed  Graduate skill  Level assessed  Notes
ASSIGNMENT 1        100.00        5.00     07 Aug 2009  1, 2, 3
ASSIGNMENT 2        100.00        15.00    04 Sep 2009  3, 4, 5
ASSIGNMENT 3        100.00        20.00    16 Oct 2009  6, 7, 8
2-HOUR EXAMINATION  100.00        60.00    END S2       All                                                  (see note 1)

NOTES
1. The examination is scheduled to be held in the end-of-semester examination period. Students will be advised of the official examination date after the timetable has been finalised.


IMPORTANT ASSESSMENT INFORMATION

  1. Attendance requirements:
    If you are an international student in Australia, you are advised to attend all classes at your campus. For all other students, there are no attendance requirements for this course. However, it is the students' responsibility to study all material provided to them or required to be accessed by them to maximise their chance of meeting the objectives of the course and to be informed of course-related activities and administration.
  2. Requirements for students to complete each assessment item satisfactorily:
    To satisfactorily complete an individual assessment item a student must achieve at least 50% of the marks. (Depending upon the requirements in Statement 4 below, students may not have to satisfactorily complete each assessment item to receive a passing grade in this course.)
  3. Penalties for late submission of required work:
    If students submit assignments after the due date without prior approval of the examiner, then a penalty of 5% of the total marks gained by the student for the assignment may apply for each working day late up to ten working days at which time a mark of zero may be recorded.
  4. Requirements for student to be awarded a passing grade in the course:
    To be assured of receiving a passing grade a student must achieve at least 50% of the total weighted marks available for the course.
  5. Method used to combine assessment results to attain final grade:
    The final grades for students will be assigned on the basis of the aggregate of the weighted marks obtained for each of the summative assessment items in the course.
  6. Examination information:
    This is a restricted examination. Candidates are allowed access to specific materials during the examination. The only materials that candidates may use in the examination for this course are (i) Writing materials: non-electronic and free from material which could give the student an unfair advantage in the examination; (ii) Translation dictionaries: with the Examiner's approval, candidates may take an appropriate non-electronic translation dictionary into the examination. This will be subject to perusal and, if it is found to contain annotations or markings that could give the candidate an unfair advantage, it may be removed from the candidate's possession until the appropriate disciplinary action is completed.
  7. Examination period when Deferred/Supplementary examinations will be held:
    Any Deferred or Supplementary examinations for this course will be held during the next examination period.
  8. University Regulations:
    Students should read USQ Regulations 5.1 Definitions, 5.6 Assessment, and 5.10 Student Academic Misconduct for further information and to avoid actions which might contravene university regulations. These regulations can be found at <http://www.usq.edu.au/corporateservices/calendar/part5.htm>. Students should also read the Faculty of Business Procedures which can be found at <http://www.usq.edu.au/business/aboutfob.htm>.

ASSESSMENT NOTES

1. Assignments: (i) The due date for an assignment is the date by which a student must despatch the assignment to the USQ. The onus is on the student to provide proof of the despatch date, if requested by the examiner. (ii) Students must retain a copy of each assignment submitted for assessment. This must be produced within 24 hours if required by the examiner. (iii) In accordance with university policy, the examiner may grant an extension of the due date of an assignment in extenuating circumstances. (iv) The examiner will normally only accept assignments which are electronically submitted through the USQ Study Desk for this course. Students who are unable to meet this submission requirement should contact the examiner of the course to negotiate alternative arrangements. (v) In the event that a due date for an assignment falls on a local public holiday in their area, such as a show holiday, the due date for the assignment will be the next day. Students are to note on the assignment cover the date of the public holiday for the examiner's convenience.
2. Course weightings: Course weightings of topics should not be interpreted as applying to the number of marks allocated to questions testing those topics in an examination paper.
3. Referencing in assignments: Harvard (AGPS) is the referencing system required in this course. Students should use Harvard (AGPS) style in their assignments to format details of the information sources they have cited in their work. The Harvard (AGPS) style to be used is defined by the USQ Library's referencing guide at <http://www.usq.edu.au/library/help/referencing/default.htm>.
4. Make-up work: Students who have undertaken all of the required assessments in a course but who have failed to meet some of the specified objectives of a course within the normally prescribed time may be awarded the temporary grade: IM (Incomplete - Make up). An IM grade will only be awarded when, in the opinion of the examiner, a student will be able to achieve the remaining objectives of the course after a period of non-directed personal study.
5. Deferred work: Students who, for medical, family/personal, or employment-related reasons, are unable to complete an assignment or to sit for an examination at the scheduled time may apply to defer an assessment in a course. Such a request must be accompanied by appropriate supporting documentation. One of the following temporary grades may be awarded: IDS (Incomplete - Deferred Examination); IDM (Incomplete - Deferred Make-up); IDB (Incomplete - Both Deferred Examination and Deferred Make-up).

OTHER REQUIREMENTS

  1. E-mail and Internet access: Students will require access to e-mail and Internet access to UConnect for this course.


This version produced 19 Nov 2009.