CIT 251 : Managing Risks in Information Systems
This course addresses the broad topic of risk management and how risk, threats, and vulnerabilities impact information systems. Topics include risk
management fundamentals, legal and regulatory compliance, performing risk assessments, identifying and protecting assets, and using appropriate
frameworks. Areas of instruction also include how to assess and manage risk based on defining an acceptable level of risk for information systems.
Elements of a business impact analysis (BIA), business continuity plan (BCP), disaster recovery plan (DRP), and computer incident response team (CIRT) plan will also be discussed. Prerequisite: CIT 150 with a grade of C or better, or permission of the instructor. Three lecture hours per week. Instructional Support Fee applies. Gen. Ed. Competencies Met: Critical Thinking, Information Literacy, and Scientific Reasoning and Discovery.
Course Outcomes
1. Describe the fundamental components of a risk management plan.
2. Describe the steps involved to perform effective risk assessment.
3. Identify the laws and regulations to maintain risk compliance.
4. Develop business continuity, disaster recovery, and incident response plans.