Course Objectives
A strong grounding in computer and network security.
Learn the factors related to the plan-protect-respond cycle of IT security.
An understanding of networking concepts.
You will learn of the importance of IT security to the accounting profession and of the various control frameworks that accountants rely on for SOX compliance.
This course is about defense, so we will learn about many threats and how they exploit vulnerabilities, but we will NOT be using these exploits in class.
Syllabus Highlights
Dr. Steven Hornik
email: [email protected]
Course Webpage: http://acg6415.wikispaces.com/
Office Hours: Tuesday 12:30 – 1:30; Thursday 4:30 – 5:45; and by appointment
Office: BA1 432
Grade Components
Exam 1 (Ch. 1 - 4)* 250
Exam 2 (Ch. 5 - 9) 250
Access Control Simulation 100
Discussions 100
Research Paper 200
Research Paper – Presentation 50
Total Points 950
Grading Scale
• A 4.00 100-93
• A- 3.75 92-90
• B+ 3.25 89-86
• B 3.00 85-83
• B- 2.75 82-80
• C+ 2.25 79-76
• C 2.00 75-73
• C- 1.75 72-70
• D+ 1.25 69-66
• D 1.00 65-63
• D- 0.75 62-60
• F 0.00 <59
WikiSpace
E-mail Invitation or Click “Join” button
Join if you haven’t
Collaborative Web Pages
• You can Add material to any page
• You can Edit material already posted to a page
• You can Delete material posted to a page
• You can Create a new page with new material
Material
• Text content
• Hyperlinks
• WebPages, Podcasts, Video, Audio, etc.
Group Research/Project Paper
• Each group will have its own Team page(s) for supporting collaborative work.
Research/Project Paper
• Groups of 3
• Group Assessment
• 10-15 page final paper
Dates:
• Initial Title (1 sentence) – 02/09/2012
• Summary idea (1 page + group assessment rubric) – 02/16/2012
• Draft – 5 page minimum – 03/01/2012
• Final paper – 04/05/2012
• Presentations – 04/12 to 4/19/2012
Topics (only 2 groups can do the same topic)
• Using OCTAVE Allegro, create a risk assessment, using the OCTAVE Allegro worksheets, for an organization you work for or have access to. Identify between 5 and 7 critical information assets. Beyond the risk assessment, this project requires a summary of how risk assessment fits within the IT Governance frameworks.
• Describe COSO's ERM Framework (2004), Key Risk Indicators (2010). Using material from our book and website, determine a set of KRIs that could be useful in anticipating IT Security exploits, i.e. can we scan our internal/external environment for possible increased risk so that we can react to it beforehand? Before proceeding with this project you will need to discuss the number of exploits to be examined.
• Using the various standards/frameworks (COBIT, ISO, ITIL, etc.), create a report of the similarities between them and come up with a list of common controls, i.e. create a grand unified control document. The paper should include summaries of each of the frameworks included and a compare/contrast section.
• Research and prepare a report on the compliance issues related to SOX and IT Security.
• In-depth analysis of a current topic related to accounting and IT Security (e.g. cloud computing).