Information Security and Assurance - UG (MISA)


MISA 386  Fundamentals of Information Systems Security  3 Credits (3,0)

This course focuses on new risks, threats, and vulnerabilities in a digital world. The integration of the Internet and broadband communications into our everyday lives has created a need for information system security. Furthermore, compliance laws require organizations to protect and secure privacy data and reduce liability.
Prerequisites: MMIS 221

MISA 387  Managing Risk in Information Systems  3 Credits (3,0)

Managing Risk in Information Systems provides a unique, in-depth look at how to manage and reduce IT associated risks. This course provides a comprehensive explanation of the Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance.
Prerequisites: MISA 386

MISA 388  System Forensics, Investigation, and Response  3 Credits (3,0)

Computer crimes call for forensics specialists, people who know how to find and follow the evidence. System Forensics, Investigation, and Response begin by examining the fundamentals of system forensics; such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. It then addresses the tools, techniques, and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.
Prerequisites: MISA 386

MISA 394  Information Security Operations Management  3 Credits (3,0)

Information security operations management carries out the ongoing activities necessary to keep an organization's information risks under control. It brings together strategic and tactical plans for risk management, business continuity, disaster recovery, and incident response into a day-by-day, week-by-week operational set of processes and decisions. Students will learn how information security operations management becomes even more critical to business success and survival as organizations move into cloud, edge, and fog computing architectures, and include more operational technologies such as Internet of Things (IoT), autonomous platforms, and smart buildings into their business logic.
Prerequisites: MMIS 221

MISA 402  Legal Issues in Information Security  3 Credits (3,0)

Explores laws, legal compliance, security governance and processes instrumental to information security; protection of privacy; protection against unreasonable intrusion.
Prerequisites: MISA 386

MISA 403  IT Audit and Control  3 Credits (3,0)

The course is designed to provide a foundation for the study of information technology (IT) auditing and the IT audit process. The course introduces the fundamentals of IT auditing, main reasons why IT auditing is a specialized area of auditing, and the principle objectives of IT auditing. The course emphasizes business management issues regarding the security and control of IT and the achievement of value through managed IT processes. Students will also be introduced to control evaluation techniques and a number of the primary references used by IT professionals and IT auditors regarding IT management and control.
Prerequisites: MISA 386

MISA 404  Business Continuity & Disaster Recovery Planning  3 Credits (3,0)

Every year, nearly one in five businesses, non-profit and government activities suffer major disruptions to their ongoing operations because of catastrophic failures in their critical information systems. And although information systems and their technologies can provide some measure of "fail-safe" capabilities, without management attention to business continuity planning, the organization is putting its institutional life at risk! This course addresses the strategic, tactical and day-to-day operational planning and implementation of an integrated set of plans that assure the long-term survivability of the organization's ability to keep doing business in the face of major malware threats, natural disasters, or man-made hazards that could cripple or destroy the information flow that business decision making depends upon. In doing so, the course places contingency planning and response into a solid information risk management and information security framework. By focusing on critical information flow - and how people use information systems and technologies to make and carry out decisions before, during and after disaster strikes - the course sheds light on critical decisions that organizations must make, both technology issues and technology-independent considerations.
Prerequisites: MISA 386