Meeting Time and Place:
Given here.

Required Texts:

1. "Computer Security Handbook, 4th Ed.", edited by Seymour Bosworth and M. E. Kabay, 2002, John Wiley & Sons.

Computer Use: Lab computers will be used. Make sure that you have a valid username and password.

Software: MS Word 2003, MS Excel 2003

Instructor: Dr. Tony Keys
Office: SSS 415
Phone: 836-5910
E-mail: keysac@uwec.edu
URL: http://keys.uwec.edu

Office Hours: Given here or by appointment.

Course Description:
This elective course for IS Majors introduces the topic of IS Security. The course motivates the need for security policy in organizations and covers the knowledge, resources and skills needed to implement the policies.

Course Prerequisites: Admission to the College of Business AND IS 310 OR ACCT 315

Course Objectives:

1. Identify the types of security breaches and their costs
2. Obtain a working vocabulary of the types of attacks
3. Understand and apply quantitative and qualitative methods to risk assessment
4. Understand the goals of risk management
5. Understand the relationships between policies, standards and procedures
6. Be able to specify and describe the major phases of policy development
7. Know sources of policy templates and their cautions
8. Understand the different audiences for policies
9. Identify the ways in which security policy and personal schema interact and personality style and policy enforcement may conflict
10. Understand how group behavior affects policy implementation
11. Be able to carry out a business impact analysis
12. Know how to develop the scope and goals for a business continuity plan
13. Use the Generalized Cost Consequence model or an alternative as a basis for cost justification
14. Be able to construct a sequence of disaster recovery procedures

Course Philosophy:
The course will consist of lecture and discussion with some group activities. Assignments will be individual pieces of work or be the result of a group's work. The emphasis will be on the development of managerial skills and knowledge, though there will be opportunities for technical skills and knowledge to be developed, especially in group work assignments.

Course Policies:

General Work Policies

1. Students are required to check their University email account on a daily basis.
2. Students are required to attend class and are responsible for obtaining adequate notes and any missed code exercises or handouts. A high standard of preparation is expected for class.
3. Students are required to make a back-up copy of every assignment or project.
4. It is the students' responsibility to ensure that all necessary files are submitted for each program or assignment.

Plagiarism (Copying someone elses assignment or code, in whole or in part, and passing it off as your own).
The work will be given a score of 0. Furthermore, a formal report will be made to the University which may result in:
a) A note of the offence being added to your student record.
b) Futher penalties being imposed by the University, up to and including expulsion from the University.

Late Work (Work delivered to the instructor after the due time and date)

If the instructor has been informed in advance and has approved the late submission:

The work will be graded with no penalty. Approval is often given for serious illness or accident and events such as serious illness or worse in the immediate family. If in doubt - talk to the instructor.

If the instructor has not been informed in advance and student has a good reason for the late work, i.e., illness or accident of a serious nature and can provide documentation (e.g., medical doctor's note):

The work will be graded with no penalty. Approval is often given for serious illness and events such as serious illness or worse in the immediate family. If in doubt - talk to the instructor.

If the instructor has not been informed in advance and the student has no good reason:

Work is 1 - 24 hours late: The work will be graded and the final score halved. The maximum score will be 50% of the credit available
Work is 25-48 hours late: The work will be graded and the final score quartered. The maximum score will be 25% of the credit available.
Work is more than 48 hours late: The work will not be graded and a score of 0 will be recorded for the work.

Assignment problems with original submission handed in on-time.

File loading error or media error - This is not your fault or responsibility. The instructor will e-mail the student at their University e-mail address. The student will have 48 hours from the time the email is sent to send replacement files. If the student supplies the replacement files in a timely manner, the assignment will be graded on a full-credit basis. If the files are not received in the allowed time, the assignment will be graded as-is.

Assignment has missing files - This is your fault and your responsibility.
The instructor will e-mail the student at their University e-mail address as soon as the problem is discovered. No matter what time the instructor informs you of this problem, you will be under the policies that relate to late assignments. That is, if you supply the missing files within 1-24 hours of the due date, the work will be graded with a maximum credit of 50%; if you supply the missing files within 25-48 hours of the due date, the work will be graded with a maximum credit of 25%; and if the missing files are not supplied within 48 hours of the due date, the assignment will be graded as-is.

Exams
Exams are to be taken at the scheduled time and place. No exam may be taken at at any other time for credit. Exceptions to this policy are granted for serious illness or accident to the student or immediate family. If in doubt - talk to the instructor.

Accommodation of Disabilities: Students with disabilities are encouraged to discuss their needs with the instructor, preferably during the first week of class. All reasonable accommodations will be made to see that disabilities do not restrict a student's opportunity to learn. Help is also available from the Office for Services to Students with Disabilities (Old Library 2136, phone 715/836-4542).

Grading Policy:

Percentages refer to overall percentage using scores from all required exams, projects and homework: