Across the board, IT managers in government and industry are concerned with regulatory compliance. This course is designed to introduce students to key Information Security industry and government policies, regulations and standards. The course is structured to familiarize students with base standards, like NIST, and more specific regulatory requirements, and to help students understand how those requirements are met, using frameworks, controls and training. The goal of this course is provide students with an understanding of how to develop an organizations information security policy and procedures to comply with government and industry regulations. This course is an elective for graduate students seeking to work or manage an information security and privacy department.

Syllabus

https://api.heinz.cmu.edu/courses_api/course_detail/95-743/

Class format

Lecture and project-based

Home department

Heinz

Target audience

Graduate students seeking to work or manage an information security and privacy department.

Background required

Students must have taken 95-744. 

Learning objectives

• Develop an in-depth working knowledge of existing policies and frameworks
• Perform in-depth analysis of policy, failures in policy, and compare/contrast policies and frameworks

Faculty and instructors who have taught this course in the past

Matthew Butkovic, Summer Fowler