CYBR C225: Cybersecurity Governance, Risk, and Compliance
| Item | Value |
|---|---|
| Curriculum Committee Approval Date | 04/24/2020 |
| Top Code | 070800 - Computer Infrastructure and Support |
| Units | 3 Total Units |
| Hours | 54 Total Hours (Lecture Hours 54) |
| Total Outside of Class Hours | 0 |
| Course Credit Status | Credit: Degree Applicable (D) |
| Material Fee | No |
| Basic Skills | Not Basic Skills (N) |
| Repeatable | No |
| Grading Policy | Standard Letter (S),
|
Course Description
Students will explore an introduction to governance, risk, and compliance in cybersecurity. Topics covered include cybersecurity risk management, improving critical cybersecurity infrastructure, cybersecurity governance and audit frameworks, and internal audits. This course is intended for students with an interest in cyber defense for private organizations or government law enforcement. Careers and emerging trends in the field of cybersecurity will be evaluated. ADVISORY: CYBR C230 and C260. Transfer Credit: CSU.
Course Level Student Learning Outcome(s)
- Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization's strategies and objectives.
- Analyze risk management practices to determine whether the organization's IT-related risk is identified, assessed, monitored, reported and managed.
- Identify and document methods for implementing a security awareness program.
Course Objectives
- 1. Examine information security control principles related to information systems.
- 2. Describe development of specific audit plans to determine whether information systems are protected, controlled and provide value to the organization.
- 3. Analyze the processes for the development, implementation and maintenance of IT strategy, policies, standards, and procedures.
Lecture Content
Cybersecurity Risk Management and the Framework for Improving Critical Infrastructure Cybersecurity Cybersecurity Risk Management Introduction to the Framework for Improving Critical Infrastructure Cybersecurity Identify Function Protect Function Detect Function Respond Function Recover Function Cybersecurity, Governance, Audit, and the COBIT Framework The COBIT Framework Decomposition of Framework Framework Structures Generic Domains Decomposition of COBIT Framework Principles COBIT Management Guidelines COBIT Management Dashboard What COBIT Sets Out to Accomplish Internal Audits Tying It All Together
Method(s) of Instruction
- Lecture (02)
- DE Live Online Lecture (02S)
- DE Online Lecture (02X)
Instructional Techniques
This course will utilize a combination of lecture, hands-on guided laboratory assignments, classroom/discussion student interactions, problem solving, quizzes, tests, and troubleshooting assignments to achieve the goals and objectives of this course. All instructional methods are consistent across all modalities.
Reading Assignments
Read about and research the cybersecurity governance, risk, and compliance. Read about the international, federal, local laws, and industry regulations applicable to organizations.
Writing Assignments
Prepare a preliminary report for upper management on the gaps in policy and compliance along with the level of risk involved.
Out-of-class Assignments
Review case studies containing compliance issues and suggest appropriate actions.
Demonstration of Critical Thinking
Students will analyze ethical issues and recommend appropriate actions.
Required Writing, Problem Solving, Skills Demonstration
Skills will be demonstrated through the review of case studies followed by written reports.
Eligible Disciplines
Computer information systems (computer network installation, microcomputer ...: Any bachelors degree and two years of professional experience, or any associate degree and six years of professional experience. Computer service technology: Any bachelors degree and two years of professional experience, or any associate degree and six years of professional experience.
Textbooks Resources
1. Required Whitman, Michal; Mattord, Herbert. Management of Information Security, 6th ed. Boston, MA: Cengage Learning. ISBN-13: Ebook-9780357691205; Paperback-9781337405713, 2018
Other Resources
1. Coastline Library 2. OER - Open Educational Resources