Course Outline

MISA 502 : Risk Management and Business Continuity

Viewing: MISA 502-WW : Risk Management and Business Continuity

Last approved: Wed, 20 Jan 2016 14:09:15 GMT

Last edit: Wed, 20 Jan 2016 14:09:15 GMT

College of Business (WBUAD)
Risk Management and Business Continuity
Business continuity is the study and practice of making smart risk management decisions that protect and enhance the organization's ability to survive and flourish despite the hazards of the real world. This view of resilience focuses on getting the organization's mission accomplished, in part because the organization is flexible enough and responsive enough to meet changing circumstances. Risk management, therefore, is about identifying potential events that could impede the accomplishment of those objectives, and then making cost-effective choices as to whether to absorb, ignore, transfer or mitigate that potential impact. This planning and decision making is an ongoing task that management must perform - well in advance of the occurrence of a hazard, during the event itself, and after the repairs and remediation are complete. While there are many schools of thought about risk, and therefore many categorization schemes about risk, this course takes the perspective that risk is about decision making, and therefore information risk is the fundamental risk that must be managed. The course assesses the different perspectives on information risk -- asset-based, threat-based, process-based, or outcomes-based -- and then looks to the different strategies that can be used to deal with such risks and their potential costs and impacts. Students will then examine the central role that information risk management plays in organizational continuity, and how this dictates the need for effective continuity planning.

This course provides a solid business and organizational context in which the managerial and technical challenges of information risk management are assessed and applied. In doing so, the course explores the relationships between systems and business process quality, information assurance and security, and the planning horizons that organizations must take into account when planning to achieve organizational objectives.

Explain how risk management planning, and the execution of those plans, integrates with other organizational planning processes, such as strategic planning, ongoing operational management, continuity and disaster recovery planning, or asset management.
Understand what risk is and apply this concept to the various organizational uses of information and information systems.
Explain risk management, the basic risk management strategies, and their importance to the success and survival of organizations.
Compare and contrast asset-based, vulnerability-based, process-based, and objective-based strategies, and what they offer to a variety of organizational information risk management situations.
Compare and contrast vulnerabilities, threats, and exploits, and explain how these concepts vary across the spectrum of natural, accidental, and deliberate hazards.
Compare and contrast risk identification and assessment with other quality management or systems reliability disciplines such as failure modes and effects analysis.
Assess the different categories of controls and how to identify, analyze, and plan risk mitigation controls.

Located on the Daytona Beach Campus, the Jack R. Hunt Library is the primary library for all students of the Worldwide Campus. The Chief Academic Officer strongly recommends that every faculty member, where appropriate, require all students in his or her classes to access the Hunt Library or a comparable college-level local library for research. The results of this research can be used for class projects such as research papers, group discussion, or individual presentations. Students should feel comfortable with using the resources of the library. 

Web & Chat:
Text: (386) 968-8843
Library Phone:  (386) 226-7656 or (800) 678-9428


Written assignments must be formatted in accordance with the current edition of the Publication Manual of the American Psychological Association (APA) unless otherwise instructed in individual assignments.

Activity                Percent of Grade
Input Grading Item      100

Undergraduate Grade Scale

90 - 100% A
80 - 89% B
70 - 79% C
60 - 69% D
0 - 60% F

Graduate Grade Scale

90 - 100% A
80 - 89% B
70 - 79% C
0 - 69% F
Mike Wills - 2/24/2015
Wendi Kappers - 2/24/2015
Aaron Glassman - 2/24/2015
Dr. Bobby McMasters - 2/24/2015
1-5 Master of Science in Information Security and Assurance
1. Understand the interdisciplinary aspects (technical, business, management, and policy) of information assurance and information systems and organizational security.
2. Assess and manage the identification of and response to the changing nature of the information risks and information security challenges that increasingly complex, distributed organizations face.
3. Establish governance policies and management mechanisms necessary to develop, acquire, and operate sustainable, cost-effective secure information infrastructures.
4. Integrate various ethical, legal, technological and professional perspectives, both local and global, along with data protection and information assurance perspectives, throughout the various MIS decision making and managerial and leadership processes.
5. Manage and direct the development and operational use of information security and assurance procedures, policies and technologies throughout the organization.