This course focuses on the personnel, legal, regulatory, and privacy issues that constitute many of the basic management areas that must be considered in developing and implementing an effective information security program. The course examines the legal basis for privacy and security of information and related technologies. Students study the USA PATRIOT ACT, GASSP, security best practices and appropriate organizational responses to risk associated with the integrity of information. It presents methods and procedures for the assessment of risk, and examines strategies for mitigation of risk involving operational procedures, political issues in the organization and the implementation of an enterprise wide security strategy.
PSA 547 Information Security and Technology