IS4550

Security Policies and Implementation

ITT Technical Institute

NT2580
Security Policies and Implementation
Onsite Course

SYLLABUS
Credit hours: 4.5
Contact/lnstructional hours: 60 (30 Theory Hours, 30 Lab Hours)
Prerequisite: 
          IS3110 Risk Management in Information Technology Security or equivalent
Course Description:
This course explores security policies that protect and maintain an organization’s network and information systems assets. Topics include the effects of organizational culture, behavior and communications styles on generating, enforcing and maintaining security policies.

Instructor: Evan Anderson
Phone: 360-399-6115 (text messages preferred)
Email: evan@eranga.net (work)
            eranderson@itt-tech.edu (school)
Class Hours: Friday evenings, 6:00 PM – 11:20 PM
Office Hours: Monday, Tuesday, Thursday, and Friday 3:30 PM – 5:30 PM

COURSE OUTLINE
Unit 1 
Date: Friday, June 16, 2016
Title: Information Systems Security Fundamentals
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapters 1-3.
Activities:
  • Unit 1 Discussion 1.1: Importance of Security Policies (1%)
  • Unit 1 Lab 1.2: Craft an Organization-Wide Security Management Policy for Acceptable Use (2%)
  • Unit 1 Assignment 1.3: Security Policies Overcoming Business Challenges (2%)
Unit 2
Date: Friday, June 24, 2016
Title: Risk Mitigation and Business Support Processes
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapters 4 and 5.
Activities:
  • Unit 2 Discussion 2.1: Risk Mitigation (1%)
  • Unit 2 Lab 2.2: Develop an Organization-Wide Policy Framework Implementation Plan  (2%)
  • Unit 2 Assignment 2.3: Good Policy Implementation (2%)
Unit 3
Date: FridayJuly 1, 2016
Title: Policies, Standards, Procedures, and Guidelines
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapters 6 and 7.
Activities:
  • Unit 3 Discussion 3.1: Business Considerations (1%)
  • Unit 3 Lab 3.2: Define an Information Systems Security Policy Framework for an IT Infrastructure (2%)
  • Unit 3 Assignment 3.3: Security Policy Frameworks (2%)
Unit 4
Date: Friday, July 8, 2016
Title: Information Systems Security Policy Framework
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapter 8.
Activities:
  • Unit 4 Discussion 4.1: Separation of Duties (SOD) (1%)
  • Unit 4 Lab 4.2: Craft a Layered Security Management Policy - Separation of Duties (2%)
  • Unit 4 Assignment 4.3: Security Policy Creation (2%)
Unit 5
Date: Friday, July 15, 2016
Title: User Policies
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapter 9.
Activities:
  • Unit 5 Discussion 5.1: Best Practices for User Policies (1%)
  • Unit 5 Lab 5.2: Craft an Organization-Wide Security Awareness Policy (2%)
  • Unit 5 Assignment 5.3: Create User Policy (2%)
Unit 6
Date: Friday, July 22, 2016
Title: IT Infrastructure Security Policies
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapter 10.
Activities:
  • Unit 6 Discussion 6.1: IT Infrastructure Security Policies (1%)
  • Unit 6 Lab 6.2: Define a Remote Access Policy to Support Remote Healthcare Clinics (2%)
  • Unit 6 Assignment 6.3: IT Infrastructure Policies (2%)
Unit 7
Date: Friday, July 29, 2016
Title: Risk Management
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapter 11.
Activities:
  • Unit 7 Discussion 7.1: Business Impact Analysis (BIA), Business Continuity Plan (BCP), and Disaster Recovery Plan (DRP) (1%)
  • Unit 7 Lab 7.2: Identify Necessary Policies for Business Continuity - BIA & Recovery Time Objectives (2%)
  • Unit 7 Assignment 7.3: Risk Management in a Business Model (2%)
Unit 8
Date: Friday, August 5, 2016
Title: Incident Response Team Policies
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapter 12.
Activities:
  • Unit 8 Discussion 8.1: Support Services (1%)
  • Unit 8 Lab 8.2: Craft a Security or Computer Incident Response Policy – CIRT Response Team (2%)
  • Unit 8 Assignment 8.3: Create an Incident Response Policy (2%)
Unit 9
Date: Friday, August 12, 2016
Title: Implementing and Maintaining an IT Security Policy Framework
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapters 13 and 14.
Activities:
  • Unit 9 Discussion 9.1: Information Dissemination—How to Educate Employees (1%)
  • Unit 9 Lab 9.2: Assess and Audit an Existing IT Security Policy Framework Definition (2%)
  • Unit 9 Assignment 9.3: Policy Monitoring and Enforcement Strategy (2%)
Unit 10
Date: Friday, August 19, 2016
Title: Automated Policy Compliance Systems
Assigned Reading: 
Security Policies and 
Implementation Issues
Chapter 15.
Activities:
  • Unit 10 Discussion 10.1: Tracking, Monitoring, and Reporting (1%)
  • Unit 10 Lab 10.2: Align an IT Security Policy Framework to the 7 Domains of a Typical IT Infrastructure (2%)
  • Unit 10 Assignment 10.3: Automated Policy Compliance Systems (2%)
Unit 11
Date: FridayAugust 26, 2016
Title: Course Review and Final Examination
Activities:
  • Unit 11 Project 11.1: Department of Defense (DoD) Ready (25%)
  • Unit 11 Exam 11.2: Final Exam (25%)
EVALUATION AND GRADING
Graded assignments will be evaluated using the following weighted categories:
  • Discussion (10%)
  • Lab (20%)
  • Assignment (20%)
  • Project (25%)
  • Exam (25%)
(Click here for a PDF copy of the entire student syllabus.)
Your browser is out-of-date!

You need to update your browser to view Foliotek correctly. Update my browser now

×