Information System Certification (ISC)

Students develop competencies in forensically analyzing cyber evidence, enforcing data process controls, certifying information protection programs, and managing risk and compliance.

IA8030 Design, Development and Evaluation of Security Controls
In this course, students transform high-level policies and procedures into quantifiable and measurable controls and mechanisms that enforce data and process integrity, availability and confidentiality.(3 credits)

DELIVERABLES: General IT Controls Review; Application Controls Review


  • To analyze and evaluate the interrelationship between risk management objectives and the application of effective business and IT controls.
  • To identify, define and evaluate key business and IT processes, requirements and performance metrics used by management to monitor and control risk.
  • To identify, analyze and evaluate organizational, administrative, network, and application-specific controls and risk mitigation strategies to meet business and technical objectives.
  • To demonstrate knowledge of the management of business and IT controls assessment projects
  • To transform high-level business and technical objectives into quantifiable and measurable controls and mechanisms which enforce data and process integrity, availability and confidentiality.
IA8110 Certification and Accreditation
In this course, students analyze an enterprise-wide view of information systems and the establishment of appropriate, cost-effective information protection programs. Within this context, students examine a set of standard policies, procedures, activities and a management structure to certify and accredit information systems for the protection of the data as well as the systems. (3 credits)

DELIVERABLES: C&A Plan; Accreditation Recommendation


  • To select a certification and accreditation methodology appropriate to an organization's compliance requirements.
  • To demonstrate knowledge of the components necessary to perform a certification assessment.
  • To develop a certification plan to meet an organization's compliance requirements.
  • To assess residual risk and produce an accreditation recommendation.
IA8140 Business Continuity Planning and Recovery
In this course, students explore tools and strategies for Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) activities. Topics include business impact assessment methods, recovery strategy approaches and solutions and continuity planning. (3 credits)

DELIVERABLES: Business Continuity Plan


  • To examine methods used in the identification of vulnerabilities and approaches taken to prevent and mitigate risks for an organization.
  • To demonstrate how to effectively address business and technical risks to the enterprise through appropriated business continuity planning and disaster recovery planning activities.
  • To gain experience in the use of standard and advanced tools, techniques and methodologies that support disaster recovery activities.
IA8190 Forensic Evaluation and Incident Response Management
In this course, students explore the essentials of electronic discovery and analyze issues related to cyber evidence. Using this evidence, students identify and analyze the nature of security incidents, the source of potential threats and the methods used in incident management and mitigation. Students also analyze the technical and business issues which affect the actions of the enterprise in responding to a security incident. (3 credits)

DELIVERABLES: Forensic Evaluations; Incident Response Plan


  • To identify and analyze the nature of computer security incidents and the source of potential threats.
  • To demonstrate knowledge of a methodology for end-to-end incident management and mitigation.
  • To analyze and evaluate the business and non-technical drivers as well as technical issues associated with incident management.
  • To develop a mitigation plan to achieve compliance.
Credits required for Certificate: 12

» Take the next step. Submit an inquiry of interest.


Join the Cybersecurity Elite
U of F Cybersecurity Education Path

Education Path
Distinguish yourself and advance your cybersecurity career by following the University of Fairfax Online Cybersecurity Education Path. No matter which graduate program you pursue, all of your courses will explore relevant cybersecurity policy and management issues, and you will complete a cybersecurity project in each course. You can apply what you learn and make significant contributions in your workplace right away.
» Download PDF or register for a