About this course: This course intends to make the student familiar with information security management. When you have finished with this course you will know more about: • Governance: including the mission, roles and responsibilities of the InfoSec governance function, and the strategic planning process and InfoSec’s role in the organization’s strategic planning effort. • You will understand the various types of InfoSec policies and how effective information security policy is created and used. • Risk management and the risk management process • Certain laws and ethical issues impacting information security in the organization. And some common information security management practices such as benchmarking and performance measures.
Who is this class for: This course is targeted at those who do not have practical knowledge of information security management bu who might be interested to know what is included in this are of business operation.
Created by: University System of Georgia
Taught by: Dr. Humayun Zafar, Associate Professor of Information Security and Assurance
Information Systems
Taught by: Dr. Traci Carte, Associate Professor Chair, Information Systems
Information Systems
Taught by: Herbert J. Mattord, Ph.D., CISM, CISSP, CDP, Associate Professor in Information Security and Assurance
Information Systems
Taught by: Mr. Andy Green, Lecturer of Information Security and Assurance
Kennesaw State University - Department of Information Systems
Taught by: Michael Whitman, Ph.D., CISM, CISSP, Professor of Information Security
Information Systems
| Basic Info | Course 4 of 4 in the Cybersecurity: Developing a Program for Your Business Specialization |
| Level | Beginner |
| Language | English |
| How To Pass | Pass all graded assignments to complete the course. |
| User Ratings |
Syllabus
WEEK 1
Welcome to the Management of Information Security
This module provides a welcome to the course and describes the course modules that follow. The lecture and reading will introduce you to the broad topic of security management and establish the basic terminology needed for later modules. Also, you will begin learning about the case company that you will use in an extended simulation that spans the rest of this course as you build on your learning by engaging in real world analysis and reporting on cybersecurity topics.
2 videos, 2 readings, 1 practice quiz
- Video: An overview of this course
- Video: Welcome to security Management
- Reading: What is security management?
- Practice Quiz: Pretest: Test your knowledge before you begin
- Discussion Prompt: What is cybersecurity?
- Reading: Capstone Project: Getting started
- Peer Review: Capstone Project: Getting started
WEEK 2
Governance and Strategic Planning in Information Security
In this module, you will explore how organizations organize the cybersecurity function and engage in strategic planning. This will include coverage of where the information security management team is placed in the organizational hierarchy, what functions does the CSO of an organization fulfill, as well as some explanation of the strategic planning function.You will also develop a simulated organizational plan in a report to executive management as part of the ongoing case study.
2 videos, 4 readings, 1 practice quiz
- Video: How organizations are governed
- Reading: How organizations structure the security function
- Discussion Prompt: Where does the security management team belong?
- Reading: What does the CSO do?
- Reading: How organizations make strategic plans for security
- Video: Executive viewpoint on governance in cybersecurity
- Practice Quiz: Governance and strategic planning in information security practice quiz
- Reading: Capstone Project: Organizing for cybersecurity
- Peer Review: Capstone Project: Organizing for cybersecurity
Graded: Governance and strategic planning in information security quiz
WEEK 3
Risk Management
This module will define risk management and explore the processes used by organizations to identify and control risk. This will include basic techniques used to identify and assess risk as well as exploration of the risk control strategies that can be used to help control risk. You will also experiment with reading an industry standard risk report that you will summarize and analyze as you assess operational risk for higher management as part of the ongoing case-based project.
3 videos, 5 readings, 1 practice quiz
- Reading: An overview of the risk management process
- Video: The risk identification process
- Video: The risk assessment process
- Reading: More on identifying and assessing risk
- Reading: Determining risk control strategies
- Reading: Methods used to implement risk management
- Video: Executive viewpoint on risk management methodology
- Discussion Prompt: Selecting a risk management methodology
- Practice Quiz: Risk management practice quiz
- Reading: Capstone Project: Identifying risks
- Peer Review: Capstone Project: Identifying risks
Graded: Risk management quiz
WEEK 4
Regulatory Compliance, Law and Ethics
In this module you will learn about how organizations must manage the complex issues emerging from the rapidly changing legal and regulatory environment. It will include a short overview of the laws and regulations you should plan to learn about as well as an introduction to how ethics is encountered in the workplace. Then you will engage on a discussion on compliance with industry standards and governmental regulation as a means to move closer to a more secure work environment. As part of the ongoing case study you will be asked to advise management on an ethical dilemma currently facing some of the management team at CHI.
2 videos, 4 readings, 1 practice quiz
- Video: An introduction to law, ethics, and compliance
- Reading: The legal landscape of cybersecurity
- Reading: Workplace ethics
- Discussion Prompt: Are ethics important on the job?
- Reading: Common processes in cybersecurity programs
- Discussion Prompt: Is compliance with the regulations enough to have good security?
- Video: Executives viewpoint on implementing compliance programs
- Practice Quiz: Regulations, law, ethics, and compliance practice quiz
- Reading: Capstone Project: Ethical decision making
- Peer Review: Capstone Project: Ethical decision making
Graded: Regulations, law, ethics, and compliance
WEEK 5
Security Programs
This module explores some of the other important elements commonly found in information security management programs. While you will not cover every security management topic, you will explore performance measurement, managing technical controls, and contingency planning. Then, you will assess and report on the proposed incident response plans of the simulated company as part of the ongoing case study.
1 video, 3 readings, 1 practice quiz
- Video: Measuring performance
- Reading: Managing technical controls
- Discussion Prompt: What is the most urgent technical control?
- Reading: Contigency planning including incident response
- Practice Quiz: Security programs practice quiz
- Reading: Capstone Project: Assessing an incident response plan
- Peer Review: Capstone Project: Assessing an incident response plan
Graded: Security programs
WEEK 6
Conclusion
In this module, you will synthesize the content in the course, complete a final exam, and complete your Capstone Project.
2 videos, 1 reading
- Video: Executive viewpoint on the importance of cybersecurity
- Video: Pulling it all together
- Reading: Capstone Project: Completion Report
Graded: Final Exam
Graded: Capstone Project: Completion Report
FAQs
How It Works
Coursework
Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.
Help from Your Peers
Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.
Certificates
Earn official recognition for your work, and share your success with friends, colleagues, and employers.
Creators
University System of Georgia
The University System of Georgia is composed of 28 higher education institutions including 4 research universities, 2 regional universities, 12 state universities, 13 state colleges and the Skidaway Institute of Oceanography. The Georgia Public Library System, encompassing 61 library systems throughout Georgia, is also part of the University System.
Pricing
| Purchase Course | Audit | |
|---|---|---|
| Access to course materials | Available | Available |
| Access to graded materials | Available | Not available |
| Receive a final grade | Available | Not available |
| Earn a shareable Course Certificate | Available | Not available |
Ratings and Reviews
Great course. Provides a great hands on insight and experience with Cybersecurity
Thank you!
Right level of content, relevant exercises.
Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.
© 2017 Coursera Inc. All rights reserved.
Simple but effective