INFOSEC 690R Information Risk Management

INFOSEC 690R Information Risk Management

Credits: 

3

Syllabus

  • When: Sep 5 – Oct 26, 2017. This is a 3-credit, semester-length course that is scheduled at an accelerated pace of 8 weeks. Each week is comprised of two 2-hour sessions.
  • Where: Students can choose to take the class either 1) in-person at the UMass Center in Springfield, MA ; 2) or as remote participants. All class sessions will be recorded, which online students can view later in the day or week. Readings, discussion forums, and other interactive sessions are required of remote participants.
  • Instructor: Mandy Andress
  • Enroll now.
  •  This class can be applied towards the Information Security Certificate or as an outside elective for the CS MS degree.

 

This course reviews assessing, measuring, and managing information risk in today’s organizations.  In this course, we will review the most contemporary literature as it is still developing on this topic as well as engage students in case studies that will allow them to make connections between the academic literature and actual practice. 

Learning objectives of this course include:

  • Defining risk in the context of information management
  • Identifying discreet types of risk and relevant approaches to management
  • Discerning risk appetite related to context
  • Applying academic concepts to practice through case study process

Grading

There are no uniform exams for this course.  Each student should be prepared to engage in Socratic dialogue with the instructor based on readings and the development of course content and to contribute on-going and original thought in class discussion.  Group work will be incorporated into class exercises as well as student-student evaluation as an integral component of course work. 

Students will also identify in consultation with the instructor a research topic.  On-going consultation with the professor is encouraged throughout the duration of the research.  Final product will be in the form of standard term paper and presentation of the material to the class.  These presentations will be made throughout the course and do not have to coincide with the final paper.   Students are further encouraged to consider topics early in the course.  

Grading will be based on all of these components of the course. 

Schedule

Week One

Class One:          Introduction
9/5                       Course Objectives
                            Schedule and Syllabus
                            Overview of Information Risk Management
                            General Overview of Case Study Process
                       
Readings:     

Class Two:         Basic Risk Concepts
9/7                      Introduction to FAIR and risk frameworks

Readings:           Freund, Chapters 2-3
                           Hubbard, Failure, Chapter 2-3

 

Week Two

Class Three:      Understanding FAIR
9/12

Readings:          Freund, Chapter 4
                          Hubbard, Failure, Chapter 4-5

 

Class Four:        Introduction to Measurement
9/14

Readings:          Freund, Chapter 5
                          Hubbard, Failure, Chapter 6
                          Hubbard, How to Measure, Chapters 1-2

                        

Week Three

Class Five:       Introduction to Measurement
9/19

Readings:        Hubbard, Failure, Chapter 7
                        Hubbard, How to Measure, Chapters 3-4
 

Class Six:        Risk Analysis
9/21

Readings:       Freund, Chapters 9-10
                       Hubbard, Failure, Chapter 8
                       Hubbard, How to Measure, Chapters 5
 

Week Four

Class Seven:  Measurement Methods 
9/26 

Readings:      Hubbard, Failure, Chapter 10
                      Hubbard, How to Measure, Chapters 6-7
                      

Class Eight:   Putting the Concepts Together, Using Frameworks
9/28

Readings:      Freund, Chapters 12 and 14
                      Hubbard, Failure, Chapter 12
 

Week Five  

Class Nine:    Advanced Measurement
10/3

Readings:      Hubbard, How to Measure, Chapters 8-9

 

Class Ten:      Risk Analysis
10/5

Readings:      Freund, Chapters 6-8
                      Hubbard, How to Measure, Chapters 10-12

Week Six

Class Eleven:   Controls         
10/10

Readings:         Freund, Chapter 11
                       

Class Twelve:   Managing Risk
10/12

Readings:      Freund, Chapter 13

 

Week Seven

Class Thirteen:  Mitigating Risk
10/17

Readings:     

 

Class Fourteen:  Building a Risk Management Program
10/19

Week Eight

Class Fifteen:     Presentations
10/24
 

Class Sixteen:    Presentations and Wrap Up - PAPERS DUE END OF DAY
10/26
 

General Course Information, Academic Integrity and Disability Services
 

For information about University of Massachusetts Amherst Student Disability Services, please see: http://www.umass.edu/disability/students.html

Also, please review the University of Massachusetts Amherst Academic Honesty Policy and Procedures, to be found starting at this page:  http://www.umass.edu/honesty/

Contact information, office hours and other logistics to be addressed on site at the first class.
 

Bibliography