CSS 245: Security Policies and Implementation Issues

Course Description

The course will focus on security policies that can be used to help protect and maintain a network, such as password policy, e-mail policy and Internet policy. Topics also include organizational behavior and crisis management. (3 credits)

Prerequisite

  • ITE 145: Fundamentals of Information Systems Security

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

  1. Identify the role of an information systems security (ISS) policy framework in overcoming business challenges.
  2. Recognize the relationship between business drivers and information systems security policies.
  3. Understand the relationship between regulatory compliance requirements and information system security policies.
  4. Explain how security policies help mitigate risks and support business processes in various domains of a typical IT infrastructure.
  5. Explain issues related to security policy implementations and the keys to success.
  6. Describe the components and basic requirements for creating a security policy framework.
  7. Describe how to design, organize, implement, and maintain IT security policies.
  8. Describe the different methods, roles, responsibilities, and accountabilities of personnel, along with the governance and compliance of a security policy framework.
  9. Describe the different ISS policies associated with the user domain.
  10. Describe the different ISS policies associated with the IT infrastructure.
  11. Describe the different ISS policies associated with risk management.
  12. Describe the different ISS policies associated with incident response teams (IRTs).
  13. Describe issues related to implementing ISS policies.
  14. Describe issues related to enforcing ISS policies.
  15. Describe the different issues related to defining, tracking, monitoring, reporting, automating, and organizing compliance systems and emerging technologies.

General Education Outcomes (GEOs)

Please check the applicable GEOs for this course, if any, by outcomes at GEO Category Search, or by subject area at GEO Discipline Search.

Course Activities and Grading

Assignments               Weight
Discussions               10%
Lab Assignments/Quizzes   20%
Written Assignments       20%
Project                   25%
Final Exam                25%
Total                     100%

Required Textbooks

Available through Charter Oak State College's online bookstore

  • Johnson, Robert and Chuck Easttom (2022). Security Policies and Implementation Issues. 3rd Edition. Burlington, MA: Jones & Bartlett. ISBN-13: 9781284199840

Course Schedule

Week (SLOs) / Readings and Exercises / Assignments

Week 1 (SLOs: 1, 2)

Topics: Information Systems Security Policy Management and Business Drivers

  • Readings:
    • Chapter 1, “Information Systems Security Policy Management”
    • Chapter 2, “Business Drivers for Information Security Policies”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Take Week 1 Lab 1 Quiz

Week 2 (SLOs: 2, 3)

Topics: Compliance Laws and Business Challenges

  • Readings:
    • Chapter 3, “Compliance Laws and Information Security Policy Requirements”
    • Chapter 4, “Information Security Policy Implementation Issues”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Submit Week 2 Written Assignment
    • Use Security Policies and Controls to Overcome Business Challenges
  • Take Week 2 Lab 2 Quiz
  • Complete Project Part 1: U.S. Compliance Laws Research

Week 3 (SLOs: 3, 4, 5)

Topics: IT Security Policy Implementation Issues and Frameworks

  • Readings:
    • Chapter 5, “Information Security Policy Implementation Issues”
    • Chapter 6, “IT Security Policy Frameworks”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Submit Week 3 Written Assignment
    • Align Security Policy Frameworks to Business Objectives
  • Take Week 3 Lab 3 Quiz

Week 4 (SLOs: 6, 7, 8)

Topics: Managing IT Security Policies, and Policy Framework Approaches

  • Readings:
    • Chapter 7, “How to Design, Organize, Implement, and Maintain IT Security Policies”
    • Chapter 8, “IT Security Policy Framework Approaches”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Take Week 4 Lab 4 Quiz
  • Complete Project Part 2: Infrastructure Research A

Week 5 (SLOs: 7, 8, 9)

Topics: User Domain and IT Infrastructure Security Policies

  • Readings:
    • Chapter 9, “User Domain Policies”
    • Chapter 10, “IT Infrastructure Security Policies”
  • Read assigned chapters
  • Review the Lecture material
  • Review the PowerPoint slides
  • Submit Week 5 Written Assignment
    • Create User Access Policies
  • Take the Week 5 Lab 5 and Lab 6 Quizzes

Week 6 (SLOs: 9, 10, 11, 12)

Topics: Data Classification and Handling and Incident Response Team Policies

  • Readings:
    • Chapter 11, “Data Classification and Handling Policies and Risk Management Policies”
    • Chapter 12, “Incident Response Team (IRT) Policies”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Submit Week 6 Written Assignment
  • Take the Week 6 Lab 7 and Lab 8 Quizzes
  • Complete Project Part 3: Infrastructure Research B

Week 7 (SLOs: 5, 13, 14)

Topics: IT Security Policy Implementation and Enforcement, Compliance Systems and Emerging Technologies

  • Readings:
    • Chapter 13, “IT Security Policy Implementations”
    • Chapter 14, “IT Security Policy Enforcement”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Take the Week 7 Lab 9 Quiz
  • Complete Project Part 4: Final Report

Week 8 (SLOs: 1-15)

Topics: IT Policy Compliance and Compliance Technologies, Course Review and Final Exam

  • Readings:
    • Chapter 15, “IT Policy Compliance Systems and Compliance Technologies”
    • Review the material from the previous weeks to prepare for Final Exam
  • Read the assigned chapter
  • Participate in the Discussions
  • Review the Lecture material
  • Review the PowerPoint slides
  • Take the Week 8 Lab 10 Quiz
  • Complete Final Exam
  • Complete the Course Evaluation

05182021

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.