Information Security Ethics, Policy and Legal Issues

The course covers how to identify and prioritize information assets, identify and prioritize threats to information assets, define an information security policy, develop, implement and maintain various security policies, implement information security constraints used to prevent misuse of information on an organization’s human resources process, and to know the role of culture in ethics as it applies to information security. As a result of completing this course, students will be able to describe the need for and development of information security policies, and identify guidelines and models for writing policies, define risk management and explain why it is an important component of an information security strategy and practice, identify security issues related to personnel decisions, and qualifications of security personnel and to take ethics into consideration while dealing with information security.