This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: UNIVERSITY OF HOUSTON College of Technology Department of Information & Logistics Technology ITEC 6324 1 Fall 2008 Course ITEC 6324 Information Systems Security Risk Analysis Prerequisite ITEC 5321 Introduction to Information Systems Security Web page Course is on WebCT Class 202 T2 Hours Th 7:00 10:00 PM Instructor Dr. W. A. Conklin Office 228G T2 Office Hours by appointment Contact email@example.com (preferred method) Text Security Assessment: Case Studies for Implementing the NSA IAM, Syngress Publishing, Russ Rogers, Greg Miles, Ed Fuller, Ted Dykstra ISBN: 1932266968 AND Network Security Evaluation: Using the NSA IEM, Syngress Publishing Russ Rogers, Ed Fuller, Greg Miles, Matthew Hoagberg, Travis Schack, Ted Dykstra, Bryan Cunningham, Chuck Little ISBN: 1597490350 Additional class readings will be posted on webCT Purpose The purpose of the risk management process is to identify, control, and either eliminate or minimize events that may affect computer systems and networks. Elements of this process include risk assessments/analyses, security evaluations, penetration testing, audits, and application program testing. This course focuses on the organizational issues of risk analysis in the legal context of the Internet. Organizational problems involving reliability, safety, security, privacy, and human well-being are addressed. Learning Objectives 1. Learn the common body of knowledge for risk assessment of information systems 2. Develop an understanding of the basic tools and techniques used in risk assessment of information systems 3. Learn the different risk management frameworks from entities such as NIST, ISO 4. Demonstrate an understanding of the NSA IAM and NSA IEM 5. Demonstrate an understanding of the analysis steps of an assessment General The student is expected to read the reading assignments prior to class. Pop tests and homework assignments may be given throughout the semester. All makeup examinations will be given on the day of the final exam less any adjustments. Students are expected to uphold the UH student honesty policy . In accordance with university directives, students are permitted time for religious observation , however it is the students responsibility to notify the instructor in advance of schedule conflicts and resolve them before scheduled exams. UNIVERSITY OF HOUSTON College of Technology Department of Information & Logistics Technology ITEC 6324 2 Fall 2008 Grading: This course will have 2 unannounced quizzes, 2 tests (mid-term and final) and 2 projects. All assignments must be turned in on their assigned date. Missed quizzes will be scored as a zero unless advance notice of class absence is received by the instructor. Schedule conflicts with exams will be resolved on a case by case basis, with the standard being the exam being given early. All make-up exams will be scheduled at the end of the semester....
View Full Document
This note was uploaded on 12/10/2011 for the course TECH 1201 taught by Professor Rock during the Spring '11 term at Hartford.
- Spring '11
- The Hours