ARST 575J (3)

IT SECURITY, INFORMATION ASSURANCE AND RISK MANAGEMENT

Offered on an irregular basis; cross-listed with LIBR 514K

PREREQUISITES:

MAS and Dual Students: completion of the MAS core courses

MLIS students: LIBR 516 and completion of the MLIS core courses, plus permission of the SLAIS Graduate Adviser

GOAL: This course provides an overview of the fields of IT Security, Information Assurance and Risk Management. IT Security and Information Assurance are concerned with threats to the Confidentiality, Integrity and Availability (CIA) of information systems.  Risk management comprises a set of coordinated activities to direct and control an organization with regard to risk. This course will explore how IT Security, Information Assurance, and Risk Management intersect with the management of records in digital environments and will address the application of IT Security, Information Assurance and Risk Management theories, principles, and techniques to the management records-related risks.

OBJECTIVES:

Upon completion of this course, students will be able to:

  • Explain the history and development of the fields of IT Security, Information Assurance and Risk Management and appreciate the differences between the three approaches
  • Define and apply Information Assurance and Risk Management concepts and terms
  • Describe and critically evaluate Security Management and Information Assurance practices
  • Describe Risk Management practices and critically evaluate how they can be applied to managing records-related risks
  • Describe and critically evaluate Telecommunications and Network Technologies, risks to records arising from these technologies and ways in which these risks may be managed
  • Describe and critically evaluate the Application Technologies and the Application Development Life Cycle, risks to records arising from these technologies and ways in which these risks may be managed
  • Describe and critically evaluate Business Continuity and Disaster Planning practices and how these may be used to address risks to records
  • Describe and critically evaluate Physical Security practices and how these may be used to address risks to records
  • Describe and critically discuss recent technology trends (e.g. Cloud Computing, Social Networking and Mobile Technologies, the risks to records to which these technologies may give rise, and ways in which these risks may be managed

CONTENT:

  • History and development of the fields of IT Security, Information Assurance and Risk Management and appreciate the differences between the three approaches
  • IT Security, Information Assurance and Risk Management concepts and terms
  • Security Management and Information Assurance practices
  • Risk Management practices and how they can be applied to managing records-related risks
  • Telecommunications and Network Technologies, risks to records arising from these technologies and ways in which these risks may be managed
  • Application Technologies and the Application Development Life Cycle, risks to records arising from these technologies and ways in which these risks may be managed
  • Access Control
  • Business Continuity and Disaster Planning practices and how these may be used to address risks to records
  • Physical Security practices and how these may be used to address risks to records
  • Technology trends (e.g. Cloud Computing, Social Networking and Mobile Technologies, the risks to records to which these technologies may give rise, and ways in which these risks may be managed