LIBR 514K (3)

IT SECURITY, INFORMATION ASSURANCE AND RISK MANAGEMENT

Cross-listed with ARST 575J; offered on an irregular basis

PREREQUISITES:

MLIS and DUAL students: LIBR 516 and completion of the MLIS core courses

GOAL: This course provides an overview of the fields of IT Security, Information Assurance and Risk Management. IT Security and Information Assurance are concerned with threats to the Confidentiality, Integrity and Availability (CIA) of information systems.  Risk management comprises a set of coordinated activities to direct and control an organization with regard to risk. This course will explore how IT Security, Information Assurance, and Risk Management intersect with the management of records in digital environments and will address the application of IT Security, Information Assurance and Risk Management theories, principles, and techniques to the management records-related risks.

OBJECTIVES:

Upon completion of this course, students will be able to:

  • Explain the history and development of the fields of IT Security, Information Assurance and Risk Management and appreciate the differences between the three approaches
  • Define and apply Information Assurance and Risk Management concepts and terms
  • Describe and critically evaluate Security Management and Information Assurance practices
  • Describe Risk Management practices and critically evaluate how they can be applied to managing records-related risks
  • Describe and critically evaluate Telecommunications and Network Technologies, risks to records arising from these technologies and ways in which these risks may be managed
  • Describe and critically evaluate the Application Technologies and the Application Development Life Cycle, risks to records arising from these technologies and ways in which these risks may be managed
  • Describe and critically evaluate Business Continuity and Disaster Planning practices and how these may be used to address risks to records
  • Describe and critically evaluate Physical Security practices and how these may be used to address risks to records
  • Describe and critically discuss recent technology trends (e.g. Cloud Computing, Social Networking and Mobile Technologies, the risks to records to which these technologies may give rise, and ways in which these risks may be managed

CONTENT:

  • History and development of the fields of IT Security, Information Assurance and Risk Management and appreciate the differences between the three approaches
  • IT Security, Information Assurance and Risk Management concepts and terms
  • Security Management and Information Assurance practices
  • Risk Management practices and how they can be applied to managing records-related risks
  • Telecommunications and Network Technologies, risks to records arising from these technologies and ways in which these risks may be managed
  • Application Technologies and the Application Development Life Cycle, risks to records arising from these technologies and ways in which these risks may be managed
  • Access Control
  • Business Continuity and Disaster Planning practices and how these may be used to address risks to records
  • Physical Security practices and how these may be used to address risks to records
  • Technology trends (e.g. Cloud Computing, Social Networking and Mobile Technologies, the risks to records to which these technologies may give rise, and ways in which these risks may be managed