Course Number: 95-756
Information Security Risk Analysis
This course approaches information security as a management problem, where the organization has to to decide on how much to spend on information security and how, and trade off information security risks with other risks.
Students will learn analytical tools for calculating the costs and benefits of investment security decisions, and how to calculate the return on investments, in a hands-on setting. Additional topics covered include a brief introduction to commercially available tools for risk management, an introduction to vulnerability management, risk aversion and insurance.
Learning objectives: Upon completion of this course students will understand:
* Basic understanding of information security risks and the need to manage them.
* Key economic concepts in uncertainty, decision making, insurance and risk management framework.
* How to calculate ROI on a security investment.
This course is typically followed by another six unit course dealing with policy issues in information security.
Last modified on January 12, 2007
*This course uses a course packet or case studies. Students will be charged a fee for the course materials. The fee for these materials will be charged to the student's account.