The University of British Columbia
BAIT 512
INFORMATION TECHNOLOGY RISKS, CONTROLS AND SECURITY
Course Outline - Period 5 - 1999
|
|
The University of British Columbia BAIT 512 INFORMATION TECHNOLOGY RISKS, CONTROLS AND SECURITY Course Outline - Period 5 - 1999 |
|
Instructor |
Helen Jordin, B.Sc., CA, CISA, MBA |
|
|
Office Hours |
Mondays and Wednesdays 10:30-11:30 a.m. or by appointment |
|
|
Course Description |
All computer systems and the data that they manage are vulnerable to theft, damage and error. Crimes are often perpetrated using computers. Networks that link the computers inside organizations and around the world allow crime and error to impact wider and wider areas of our lives. Businesses are becoming increasingly dependent upon information technology to manage their information and to compete effectively and often, are unprepared for the consequences of loss of data integrity and reliable ability to compute. This course will explore ways to detect and reduce or prevent computer vulnerability and computer error. Controls over computer data and use will be motivated through an exploration of what can go and has gone wrong with computerized systems. |
|
|
Course Format |
The course will consist of a series of nine 110 minute seminar/lectures. Each week there will be an assignment that will require you to submit a three to five page case analysis. In the sixth week of the course, you and your group will be responsible for presenting a topic, (approved by the instructor), that you have researched related to information technology risks and controls to your classmates. |
|
|
Evaluation |
Class participation: |
20% |
|
|
Assignments: |
50% |
|
|
Class Presentation: |
30% |
|
Required Text |
None, course notes package to be distributed in class |
|
|
Recommended Reading |
Peter G. Neumann, Computer Related Risks, |
|
|
Date |
Topic |
|
September 6 |
Laour Day - no class |
|
September 10 |
Introduction & Computer Unreliability |
|
September 13 |
Computer Threats |
|
September 15 |
Current Issues and Risks |
|
September 20 |
Risk Assessment |
|
September 22 |
Computer Controls |
|
September 27 |
Vulnerability & Application Controls |
|
September 29 |
Disaster Recovery / Continuity Planning |
|
October 4 |
Communications security |
|
October 6 |
Privacy, Ethics of Data Use |
|
October 11 |
Thanksgiving - no class |
|
October 13 |
Group Presentations |
|
October 15 |
Group Presentations |
|
Potential Topics for Information Technology Risks,
Controls and Security Group Presentations |
||
|
Internet Firewalls - Comparisons Physical Security Software Piracy Comparison of UNIX vs. Microsoft NT Security Security Audits Information Warfare Industrial Espionage Website Security Certification |
||
|
Other topics may be proposed for approval. When selecting your topic, remember that you will be evaluated by your instructor and by your classmates for the practical usefulness and significance of your analysis and recommendations for business in general and for our management goals and objectives in particular. |