Security and Risk Management (ITSE302)
This course provides a foundational understanding of how to protect organizations from cybersecurity threats and effectively manage associated risks. It focuses on organizational security, covering comprehensive risk management practices such as risk identification, assessment, analysis, measurement, and control. The course also delves into security governance and policy development, including the intersection of laws, ethics, and compliance within an organizational context. Key topics include understanding strategic and operational cybersecurity planning, managing business continuity and disaster recovery, and conducting incident response. Students will also examine security program management, including project management and the use of security metrics, and consider personnel security aspects and security operations within an enterprise.