Information Security Analysis (ISA)

Students develop competencies in implementing an enterprise strategic security plan by integrating effective security policies, standards, procedures and controls.

 

IA8125 Information Security Policy Planning and Analysis
In this course, students develop information assurance policies and deployment plans as part of the comprehensive strategic plan and operational objectives of the enterprise. (3 credits)

DELIVERABLES: Policy Analysis; Policy Statement; Policy Implementation Plan

COURSE OBJECTIVES:

  • To analyze how legislation mandates the need for policy.
  • To identify policy requirements within a given environment..
  • To develop a policy statement that meets the identified needs.
  • To formulate an implementation strategy for the policy.
IA8020 Security Policies, Standards and Procedures
In this course, students examine the role of security policies, standards and procedures in addressing business and technical risks and develop a security governance report to evaluate compliance across the enterprise. (3 credits)

DELIVERABLES: Enterprise Security Critique; Security Governance Report

COURSE OBJECTIVES:

  • To examine the role of security policies, standards and procedures in supporting information security and assurance across the enterprise.
  • To examine the management of security policy review and implementation projects.
  • To demonstrate how to effectively address business and technical risks to the enterprise through appropriate policies, standards and procedures.
  • To develop a security governance report to evaluate compliance across the enterprise.
IA8030 Design, Development and Evaluation of Security Controls
In this course, students transform high-level policies and procedures into quantifiable and measurable controls and mechanisms that enforce data and process integrity, availability and confidentiality. (3 credits)
 
DELIVERABLES: General IT Controls Review; Application Controls Review
 
COURSE OBJECTIVES:

  • To analyze and evaluate the interrelationship between risk management objectives and the application of effective business and IT controls.
  • To identify, define and evaluate key business and IT processes, requirements and performance metrics used by management to monitor and control risk.
  • To identify, analyze and evaluate organizational, administrative, network, and application-specific controls and risk mitigation strategies to meet business and technical objectives.
  • To demonstrate knowledge of the management of business and IT controls assessment projects.
  • To transform high-level business and technical objectives into quantifiable and measurable controls and mechanisms which enforce data and process integrity, availability and confidentiality.
IA8190 Forensic Evaluation and Incident Response Management
In this course, students explore the essentials of electronic discovery and analyze issues related to cyber evidence. Using this evidence, students identify and analyze the nature of security incidents, the source of potential threats and the methods used in incident management and mitigation. Students also analyze the technical and business issues which affect the actions of the enterprise in responding to a security incident. (3 credits)

DELIVERABLES: Forensic Evaluations; Incident Response Plan

COURSE OBJECTIVES:

  • To identify and analyze the nature of computer security incidents and the source of potential threats.
  • To demonstrate knowledge of a methodology for end-to-end incident management and mitigation.
  • To analyze and evaluate the business and non-technical drivers as well as technical issues associated with incident management.
  • To apply the rules of evidence to electronic security incidents in the identification of criminal actions using network trace back and computer forensics.
Credits required for Certificate: 12

» Take the next step. Submit an inquiry of interest.

 

Join the Cybersecurity Elite
U of F Cybersecurity Education Path

Education Path
Distinguish yourself and advance your cybersecurity career by following the University of Fairfax Online Cybersecurity Education Path. No matter which graduate program you pursue, all of your courses will explore relevant cybersecurity policy and management issues, and you will complete a cybersecurity project in each course. You can apply what you learn and make significant contributions in your workplace right away.
» Download PDF or register for a

 

https://www.ufairfax.edu/graduate-programs/information-security-analysis-isa/default.lasso