95-755 A3/Z3 and 14-782: Information Security Risk Management I Spring, 2018


COURSE SYLLABUS

95-755 A3/Z3 and 14-782: Information Security Risk Management I
Spring, 2018

Instructors: James Stevens and Adam Cummings

Office (and office hours): Neither instructor has an office on campus, but we will make ourselves available to meet with students before or after class (when requested).

Email: jfs@andrew.cmu.edu and adamcummings@cmu.edu

TA Information:
- Vidya Gopalakrishnan (vidyag@andrew.cmu.edu)
- Abhishek Herle (aherle@andrew.cmu.edu)

The TAs will not be holding regular office hours, but you should direct any questions about homework grading to them first via email.

Course Description: This course and its follow-on, Information Security Risk Management II (95-756/14-784), examine information security as a risk management problem where the organization identifies information security risks, evaluates those risks, and makes risk mitigation and acceptance decisions given its resource constraints. In part one of this class students will learn foundational concepts in risk management and economic valuation and will be introduced to standard risk management approaches for identifying, analyzing, responding to, and monitoring risks.

Number of Units: 6

Prerequisites: 95-752 (preferred)

Class Schedule/Location: Thursdays from 6:00pm to 8:50pm in CIC 1201

Textbook Information: There is a required textbook, though it is also available as an e-book when connected to the CMU library.

Required: Freund, J., & Jones, J. (2015). Measuring and managing information risk: A FAIR approach. (ISBN 9780127999326)

Recommended but not required: Douglas W. Hubbard & Richard Seiersen. How to Measure Anything in Cybersecurity Risk. (ISBN: 9781119085294)

Course Objectives:
- Understand and recall the fundamental terms of risk management and information security
- Extract and summarize the most appropriate risk management terms given a practical scenario
- Apply the FAIR framework to a practical scenario such that the identified risks are appropriately addressed
- Demonstrate a basic understanding of the purpose/scope of these common risk management frameworks: NIST CSF, COBIT, ITIL
- Apply risk management capabilities (identification, assessment, mitigation, monitoring) to basic information security risk scenarios
- Evaluate the proper course of actions in order to adequately identify and assess risk
- Design a set of key technology risk indicators that can be used to signal the existence of potentially undesirable conditions

Course Website: Available in Canvas (please let us know immediately if you do not have access to it). The instructors will post announcements informing students of any important changes, such as new reading assignments or dates for deliverables. These announcements may or may not be accompanied by an e-mail notification, but it is your responsibility to check for these announcements and ensure that any changes are understood. Since Canvas is the primary means of communication for this course, we urge you to check the site often.

Evaluation & Grading: Though the class average for grades may ebb and flow during the semester, you should not concern yourself with the number associated with a grade absent any other context. Rather, you should be concerned about what aspects of that assignment or exam you did not get correct and how you did against the overall average of the class (which will normally be provided). For example, the average for one homework may be a 92 and the average for a different homework may be an 80. A student receiving a 95 and an 87, respectively, may think they did poorly on the second homework. Rather, they did quite well on both homework assignments, relative to the class as a whole. Work hard, master the material, understand what you missed, and the grades will likely take care of themselves.

Appealing a grade will only be considered for one week after the grade has been posted and will not be entertained if the student does not have a coherent reason for the appeal. Final grades will be assessed based on the CMU Graduate student grading standard. The relative weights of the assignments and exams are as follows:
- HW1 = 10%
- HW2 = 10%
- HW3 = 10%
- HW4 = 10%
- HW5 = 10%
- HW6 = 10%
- Final Exam = 40%

Late Assignment Policy

Assignments will always have a stated due date and time, typically by 6:00pm on the day of class. Unless stated otherwise, all assignments must be submitted via Canvas before the assigned time in order to avoid assessment of a late penalty. All assignments submitted after the assigned deadline will be assessed a 20% penalty per day until the assignment is turned in or the maximum possible score reaches zero after 5 days.

Waiting to submit an assignment until 1 minute before the due date and time may put you at the mercy of any processing and upload time associated with submitting the assignment to Canvas, so avoid being subject to technical difficulties by managing your time appropriately.

Course Attendance

The instructors will take course attendance, though your attendance will not be part of your grade. A lack of attendance (and therefore participation), however, will not make us inclined to consider any grade adjustments at the end of the course.

Laptop Policy

Laptops are allowed to be used in class, but the expectation is that you're paying attention to us and your fellow students. Be professional, as we reserve the right to change the policy to restrict electronic device usage.

Tentative Course Topics and Calendar:

WEEK        TOPIC/MODULE
1 (JAN 18)  Intro and Fundamentals of Risk Mgmt concepts
2 (JAN 25)  Fundamentals (cont'd) and Risk Identification
3 (FEB 1)   Risk Identification
4 (FEB 8)   Risk Assessment
5 (FEB 15)  Risk Assessment
6 (FEB 22)  Risk Treatment and Monitoring
7 (MAR 1)   Risk Monitoring (cont) and Final Review
8 (MAR 8)   FINAL

Take Care of Yourself:

Do your best to maintain a healthy lifestyle this semester by eating well, exercising, avoiding drugs and alcohol, getting enough sleep, and taking time to relax. Despite what you might hear, using your time to take care of yourself will actually help you achieve your academic goals more than spending too much time studying.

All of us benefit from support and guidance during times of struggle. There are many helpful resources available on campus. An important part of the college experience is learning how to ask for help. Take the time to learn about all that's available and take advantage of it. Ask for support sooner rather than later; this always helps.

If you or anyone you know experiences any academic stress, difficult life events, or difficult feelings like anxiety or depression, we strongly encourage you to seek support. Consider reaching out to a friend, faculty or family member you trust for assistance connecting to the support that can help.

Counseling and Psychological Services (CaPS) is here for you: Call 412-268-2922 or visit http://www.cmu.edu/counseling

Over 25% of students reach out to CaPS some time during their time at CMU.

If you or someone you know is feeling suicidal, call someone immediately, day or night:
- CaPS: 412-268-2922
- Re:solve Crisis Network: 888-796-8226

If the situation is life threatening, call the Police:
- On campus: CMU Police: 412-268-2323
- Off campus: 911

CMU Academic Integrity Policy (http://www.cmu.edu/academic-integrity/index.html):

In the midst of self exploration, the high demands of a challenging academic environment can create situations where some students have difficulty exercising good judgment. Academic challenges can provide many opportunities for high standards to evolve if students actively reflect on these challenges and if the community supports discussions to aid in this process. It is the responsibility of the entire community to establish and maintain the integrity of our university.

This site is offered as a comprehensive and accessible resource compiling and organizing the multitude of information pertaining to academic integrity that is available from across the university. These pages include practical information concerning policies, protocols and best practices as well as articulations of the institutional values from which the policies and protocols grew. The Carnegie Mellon Code, while not formally an honor code, serves as the foundation of these values and frames the expectations of our community with regard to personal integrity.

THE CARNEGIE MELLON CODE

Students at Carnegie Mellon, because they are members of an academic community dedicated to the achievement of excellence, are expected to meet the highest standards of personal, ethical and moral conduct possible.

These standards require personal integrity, a commitment to honesty without compromise, as well as truth without equivocation and a willingness to place the good of the community above the good of the self. Obligations once undertaken must be met, commitments kept.

As members of the Carnegie Mellon community, individuals are expected to uphold the standards of the community in addition to holding others accountable for said standards. It is rare that the life of a student in an academic community can be so private that it will not affect the community as a whole or that the above standards do not apply.

The discovery, advancement and communication of knowledge are not possible without a commitment to these standards. Creativity cannot exist without acknowledgment of the creativity of others. New knowledge cannot be developed without credit for prior knowledge. Without the ability to trust that these principles will be observed, an academic community cannot exist.

The commitment of its faculty, staff and students to these standards contributes to the high respect in which the Carnegie Mellon degree is held. Students must not destroy that respect by their failure to meet these standards. Students who cannot meet them should voluntarily withdraw from the university.

This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Cheating (http://www.cmu.edu/academic-integrity/cheating/index.html) states the following:

According to the University Policy on Academic Integrity, cheating "occurs when a student avails her/himself of an unfair or disallowed advantage which includes but is not limited to:
- Theft of or unauthorized access to an exam, answer key or other graded work from previous course offerings.
- Use of an alternate, stand-in or proxy during an examination.
- Copying from the examination or work of another person or source.
- Submission or use of falsified data.
- Using false statements to obtain additional time or other accommodation.
- Falsification of academic credentials."

This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Plagiarism (http://www.cmu.edu/academic-integrity/plagiarism/index.html) states the following:

According to the University Policy on Academic Integrity, plagiarism "is defined as the use of work or concepts contributed by other individuals without proper attribution or citation. Unique ideas or materials taken from another source for either written or oral use must be fully acknowledged in academic work to be graded. Examples of sources expected to be referenced include but are not limited to:
- Text, either written or spoken, quoted directly or paraphrased
- Graphic elements
- Passages of music, existing either as sound or as notation
- Mathematical proofs
- Scientific data
- Concepts or material derived from the work, published or unpublished, of another person."

This policy applies, in all respects, to this course. If the instructors find that you have committed plagiarism, the first penalty will be a 0 (zero) on the assignment and a referral to the appropriate dean (i.e., Heinz or INI).

Carnegie Mellon University's Policy on Unauthorized Assistance (http://www.cmu.edu/academic-integrity/collaboration/index.html) states the following:

According to the University Policy on Academic Integrity, unauthorized assistance "refers to the use of sources of support that have not been specifically authorized in this policy statement or by the course instructor(s) in the completion of academic work to be graded. Such sources of support may include but are not limited to advice or help provided by another individual, published or unpublished written sources, and electronic sources. Examples of unauthorized assistance include but are not limited to:
- Collaboration on any assignment beyond the standards authorized by this policy statement and the course instructor(s).
- Submission of work completed or edited in whole or in part by another person.
- Supplying or communicating unauthorized information or materials, including graded work and answer keys from previous course offerings, in any way to another student.
- Use of unauthorized information or materials, including graded work and answer keys from previous course offerings.
- Use of unauthorized devices.
- Submission for credit of previously completed graded work in a second course without first obtaining permission from the instructor(s) of the second course. In the case of concurrent courses, permission to submit the same work for credit in two courses must be obtained from the instructors of both courses."

This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Research Misconduct (http://www.cmu.edu/academic-integrity/research/index.html) states the following:

According to the University Policy For Handling Alleged Misconduct In Research, Carnegie Mellon University is responsible for the integrity of research conducted at the university. As a community of scholars, in which truth and integrity are fundamental, the university must establish procedures for the investigation of allegations of misconduct of research with due care to protect the rights of those accused, those making the allegations, and the university. Furthermore, federal regulations require the university to have explicit procedures for addressing incidents in which there are allegations of misconduct in research.

The policy goes on to note that misconduct means:
- fabrication, falsification, plagiarism, or other serious deviation from accepted practices in proposing, carrying out, or reporting results from research;
- material failure to comply with Federal requirements for the protection of researchers, human subjects, or the public or for ensuring the welfare of laboratory animals; or
- failure to meet other material legal requirements governing research.

To be deemed misconduct for the purposes of this policy, a material failure to comply with Federal requirements or a failure to meet other material legal requirements must be intentional or grossly negligent.

To become familiar with the expectations around the responsible conduct of research, please review the guidelines for Research Ethics published by the Office of Research Integrity and Compliance.

This policy applies, in all respects, to this course.