CSS 230: Managing Risk in Information Systems

Course Description

This course will focus on the broad topic of risk management and how risk, threats, and vulnerabilities impact information systems. Areas of instruction include how to assess and manage risk based on defining an acceptable level of risk for information systems. Elements of a business impact analysis, business continuity plan, and disaster recovery plan will also be discussed. (3 credits)

Prerequisites

  • ITE 145: Fundamentals of Information Systems Security OR CSS 101 Cybersecurity Fundamentals
  • ENG 101: English Composition 1

Student Learning Outcomes (SLOs)

Upon completion of the course, the students will be able to:

  1. Describe components of and approaches to effective risk management in an organization.
  2. Describe techniques for identifying, analyzing, and mitigating relevant threats, vulnerabilities, and exploits.
  3. Identify compliance laws, standards, best practices, and policies of risk management.
  4. Describe components of and approaches to effective risk assessments in an organization.
  5. Identify assets and activities to protect within an organization.
  6. Identify risk mitigation security controls and develop a risk mitigation plan.
  7. Perform a business impact analysis.
  8. Perform business continuity, disaster, and incident response planning.

Course Activities and Grading

Assignments            Weight
Discussions            20%
Written Assignments    10%
Quizzes                15%
Projects               30%
Final Exam             25%
Total                  100%

Required Textbooks

Available through Charter Oak State College's Book Bundle

  • Gibson, Darril and Igonor, Andy. Managing Risk in Information Systems - with Access Code. 3rd ed. Burlington, MA: Jones & Bartlett, 2022.

Course Schedule

Week / SLOs / Readings and Exercises / Assignments

Week 1 (SLOs: 1, 2)

Topics: Risk Management Fundamentals and Threat Management

  • Readings:
    • Chapter 1: Risk Management Fundamentals
    • Chapter 2: Managing Risk: Threats, Vulnerabilities, and Exploits
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Week 1 Assignments

Week 2 (SLOs: 3)

Topic: Understanding and Maintaining Compliance

  • Readings:
    • Chapter 3: Understanding and Maintaining Compliance
  • Read assigned chapter
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Project Part 1
  • Submit Week 2 Assignments

Week 3 (SLOs: 1)

Topic: Developing a Risk Management Plan

  • Readings:
    • Chapter 4: Developing a Risk Management Plan
  • Read assigned chapter
  • Participate in the Discussions
  • Review the Lecture material
  • Complete Quiz 1
  • Submit Week 3 Assignments

Week 4 (SLOs: 4)

Topic: Key Components of Risk Assessment

  • Readings:
    • Chapter 5: Defining Risk Assessment Approaches
    • Chapter 6: Performing a Risk Assessment
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Project Part 2
  • Submit Week 4 Assignments

Week 5 (SLOs: 5)

Topic: Strategies for Mitigating Risk

  • Readings:
    • Chapter 7: Identifying Assets and Activities to Be Protected
    • Chapter 8: Identifying and Analyzing Threats, Vulnerabilities, and Exploits
    • Chapter 9: Identifying and Analyzing Risk Mitigation Security Controls
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Project Part 3
  • Complete Quiz 2
  • Submit Week 5 Assignments

Week 6 (SLOs: 6)

Topics: Business Impact Analysis and Continuity Planning

  • Readings:
    • Chapter 10: Planning Risk Mitigation Throughout an Organization
    • Chapter 11: Turning a Risk Assessment into a Risk Mitigation Plan
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Complete Quiz 3
  • Submit Week 6 Assignments

Week 7 (SLOs: 7, 8)

Topics: Disaster Recovery, Incident Response Team, and Plan

  • Readings:
    • Chapter 12: Mitigating Risk With a Business Impact Analysis
    • Chapter 13: Mitigating Risk with a Business Continuity Plan
    • Chapter 14: Mitigating Risk With a Disaster Recovery Plan
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Project Part 4
  • Submit Week 7 Assignments

Week 8 (SLOs: 1-8)

Topics: Course Review and Final Examination

  • Readings:
    • Chapter 15: Mitigating Risk With a Computer Incident Response Team Plan
  • Read assigned chapter
  • Review all previously assigned chapters in preparation for the Final Exam
  • Review the Lecture material
  • Participate in the Discussions
  • Submit Project Part 5
  • Submit Week 8 Assignments
  • Complete Final Exam
  • Complete Course Evaluation

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.