(Includes content designed to help in preparing for IAPP Certified Information Privacy Professional/US certification.) Prerequisite: CSIA 360. A study of the application of cybersecurity principles, frameworks, standards, and best practices to organization-level strategies, policies, programs, plans, procedures, and processes. The aim is to assist students in preparing to take an internationally recognized information privacy certification. Projects include writing security policies and plans, developing metrics and measures for information security programs, planning audits of compliance practices and processes, and developing organization-level security policies for enterprise IT governance. Discussion covers principles and best practices for protecting privacy and ensuring compliance with laws and regulations.
After completing this course, students should be able to:
- Evaluate and select solutions to support security policy requirements
- Develop and implement security procedures and processes to support security policy requirements, including security program measures
- Communicate policies, procedures, and processes to organizational stakeholders through a security education, training, and awareness program
- Implement continuous change management processes to assess and update security controls' effectiveness