Course

Course Summary
Credit Type:
Course
ACE ID:
CDSE-0040
Organization's ID:
ED 514
Length:
16 weeks (35 hours)
Dates Offered:
Credit Recommendation & Competencies
Level: Graduate
Credits (SH): 3
Subject: information security management
Description

Objective:

The course objective is to engage security professionals in all functional levels within the enterprise to deliver information system security.

Learning Outcomes:

  • Analyze the security environment on information assets by categorizing the internal and external threat.
  • Analyze principles of cybersecurity by distinguishing key security elements across the enterprise to mitigate risks of threats, vulnerabilities, and consequences.
  • Analyze security information systems for governance processes and roles.
  • Analyze enterprise roles and structures by distinguishing the skills for information security across the different positions within an organization.
  • Analyze the components of strategic planning as they relate to enterprise-wide information security management.
  • Analyze security plans and policies by examining the alignment of the security plan objectives at the strategic, tactical, and operational levels with the threat/vulnerability environment.
  • Evaluate information security laws and regulations by appraising the overall trending legislation that influences information security and privacy.
  • Evaluate security standards and controls by comparing security models and standards.
  • Evaluate effective risk management by assessing what to defend, how much to commit to defense, and risk strategies to employ.
  • Evaluate security metrics and key performance indicators to ensure information security.
  • Evaluate physical and environmental security controls by assessing the connections and dependencies between information and physical security.
  • Create contingency plans for information systems by predicting upstream dependencies and their downstream effects.
  • Create security education, training, and awareness by adapting resources to the organization’s mission and needs.
  • Create secure systems across the DoD enterprise by managing information security through a risk-based approach.
  • Create secure systems and information resources across the DoD enterprise by managing information security through a comprehensive, strategic, architectural construct.

General Topics:

  • The Security Environment
  • Principles of Cybersecurity
  • Cybersecurity Management Concepts
  • Enterprise Roles and Structures
  • Strategy and Strategic Planning
  • Security Plans and Policies
  • Laws and Regulatory Requirements
  • Security Standards and Controls
  • Security Metrics and Key Performance Indicators (KPIs)
  • Physical Security and Environmental Events

Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Discussion
  • Lectures

Methods of Assessment:

  • Performance Rubrics (Checklists)
  • Quizzes
  • Written Papers
  • Class participation discussion forums

Minimum Passing Score:

80%
Supplemental Materials