CINS 3044

40277
Fall 2018
Information Security Management

I. CONTACT INFORMATION

 Instructor: Kriti Chauhan

 Phone: (318)342-1141
 Email: chauhan@ulm.edu
 Office: HMPH 301B
 Office Hours: MTWR 2pm-4:30 pm (and by appointment)
 Preferred method of communication: Email
 Peer communication: Communication with other students via email

II. COURSE DESCRIPTION

The purpose of this class is to provide the student with an understanding of information security
management for the business environment. This class will help the student develop a professional
mindset for mitigating risks and threats in the information security environment.
Principles of information security and assurance, with an emphasis on the managerial component. A
lifecycle approach is used to identify, assess, and develop responses to security threats to organizational
assets.

III. COURSE PREREQUISITES/COREQUISITES

To be enrolled in this class you must have successfully completed CINS 3040. Students who have not
completed these courses cannot remain in the class.

IV. COURSE OBJECTIVES

This course is intended to provide you with a solid foundation of information systems (IS) security, with
an emphasis on the management component within a business environment. Of course, any discussion
of the principles of IS security necessitates a technical element; therefore, we will review and extend our
understanding of systems and networks as warranted in our pursuit of IS security management
knowledge. Some of the textbook and classroom material will help you if you pursue one of the
certifications that are available for information security professionals; however, preparation for
certification is not a specific component of the course. After completing the course, students should be
able to:
1. Identify and prioritize information assets
2. Identify and prioritize threats to information assets
3. Define an information security strategy and architecture
4. Describe the role of information security in the systems development lifecycle
5. Plan for and respond to intruders in an information system
6. Describe legal and public relations implications of security and privacy issues
7. Develop organizational plans for recovery of information assets after an incident
8. Create and execute an organizational security awareness program
9. Describe organizational compliance with pertinent national/international security standards
10. Employ common security monitoring tools to assess and evaluate organizational security
compliance

Page 1/8 Revised on: 8/20/18

 V. COURSE TOPICS
Specific topics of study for you are as follows:
1. Legal, ethical and professional issues in information security
2. Risk Management
3. Planning for security
4. Information security frameworks and standards
5. Security technology
6. Physical security
7. Implementing information security
8. Security awareness planning
9. Information security maintenance
10. Cyber warfare and computer crime

VI. INSTRUCTIONAL METHODS AND ACTIVITIES

The instructional methods used in this class will include lecture, group discussion, analysis of actual
security incidents and breaches, hands on projects, and experiential activities. Outside reading and
research will be required for class discussions. Articles from current periodicals, podcasts, and videos
may be assigned to facilitate classroom discussions. Students will also be required to perform
independent research and enrichment activities.

VII. EVALUATION AND GRADE ASSIGNMENT

Three (3) exams will be administered during the course of the semester. These exams will cover
materials from the class lectures, assignments, assigned articles, and assigned readings. These exams
will comprise 60% of the total grade.

Students will participate in a group project worth 10% of the overall course grade, assigned during the
semester. Online assignments and in-class worksheets and quizzes will be worth 30% of overall grade.
Due dates for project deliverables and assignments will be published on Moodle throughout the
semester. All materials must be turned in by the specified date and time.

Grade scale: 90%+ = A, 80% to 89.99% = B, 70%-79.99% = C; 60%-69.99% = D; Below 60% = F

NOTE: Undergraduate mid-term grades will be posted on-line for students to view via BANNER. Mid-
term grades indicate a student’s status at mid-semester only and do not indicate the final performance
outcome of a student.

Any material covered in the required textbook, discussions, exercises, or class notes may be on the
quizzes and exam(s).

Extra credit opportunities MAY be assigned periodically to encourage participation in special

pertinent activities.

NO work will be accepted for credit after 5 p.m. on the last day of Final Exams.

VIII. CLASS POLICIES AND PROCEDURES

AT A MINIMUM, ALL POLICIES STATED IN THE CURRENT ULM STUDENT POLICY MANUAL
& ORGANIZATIONAL HANDBOOK SHOULD BE FOLLOWED (SEE
HTTP://WWW.ULM.EDU/STUDENTPOLICY/). ADDITIONAL CLASS POLICIES INCLUDE:

Page 2/8 Revised on: 8/20/18

 A. Textbook(s) and Materials:
 Principles of Information Security, Whitman & Mattord (Cengage Learning), 5th edition,
ISBN-13: 978-1285448367

B. Attendance Policy:
Participation in the class makes for a much more interesting course. Comments, opinions, and
professional experience are welcomed and very much appreciated by the instructor.

Although there is no specific penalty for non-attendance, university policy stipulates the following:
 Class attendance is regarded as an obligation and a privilege, and all students are expected to
attend regularly and punctually all classes in which they are enrolled. Failure to do so may
jeopardize a student’s scholastic standing and may lead to suspension from the University.
 Any student who is not present for at least 75% of the scheduled class sessions in any course
may receive a grade of W if this condition occurs prior to the last day to drop a course or a grade
of F after that date.
 Any University-related activity requiring an absence from class will count as an absence when
determining if a student has attended 75% of class meetings.
 Students are responsible for the effect absences have on all forms of evaluating course
performance. Thus, the student is responsible for arranging the allowed make up of any missed
work.
It is the responsibility of the student to obtain all lecture notes from fellow class members. The
instructor will not provide summaries of lectures during office hours.

C. Make-up Policy: Exams will be administered on the scheduled date. “Make-ups” will NOT be
given. If you miss an exam without a valid excuse, then your grade in that exam will be zero.
Examples of valid excuses are serious illness and participation in University sponsored events. If
you miss an exam due to illness, a written excuse from a doctor is necessary. When you have to
miss an exam due to participation in a University sponsored event, you must inform me prior to the
exam and submit appropriate documentation to verify your claim. Students who are unable to take
an exam for valid and verifiable reason may have ONE exam replaced by the final exam score at the
discretion of the instructor. No makeup exam will be given under any circumstance.

In-class activities/quizzes: Quizzes and practice exercises will be conducted throughout the
semester. In-class quizzes/activities will be due at before the end of the class. There will be no
make-up for these for ANY reason. Your final exam percentage will substitute for any missed
quiz.

Academic Integrity: Faculty and students must observe the ULM published policy on Academic
Dishonesty. Dishonesty (see Page 4 in ULM Student Policy Manual --
http://www.ulm.edu/studentpolicy/).

It is critical to the reputation of the ULM College of Business and of our degrees that everyone
associated with our faculty and students behave with the highest academic integrity. As the faculty
that helps prepare business and governmental leaders, we have a special obligation to ensure that our
ethical standards are beyond reproach. This includes supporting and maintaining an environment of
honesty among our students.
Pages 4 and 5 of the ULM Student Policy address the issue of academic dishonesty under the
heading "Cheating and Plagiarism." Specifically, the Student Policy states that “acts of academic
dishonesty include, but are not limited to:

Page 3/8 Revised on: 8/20/18

 A. Cheating

1. Copying or obtaining information from another student’s test paper.*

2. Using, during a test, materials not authorized by the person giving the test.**
3. Collaborating, conspiring, or cooperating during a test with any other person by giving or
receiving information without authority.
4. Stealing, buying, or otherwise obtaining all or part of an unadministered test.
5. Selling or giving away all or part of an unadministered test or any information concerning
specific questions and items on an unadministered test.
6. Requesting, bribing, blackmailing, or in any other way causing any other person to obtain an
unadministered test or information about an unadministered test or a test in the process of
being administered.
7. Substituting for another student, or permitting any other person to substitute for oneself to
take a test.
8. Submitting as one’s own, in fulfillment of academic requirements, any theme, report, term
paper, essay, other written work, art work, painting, drawing, sculpture, musical composition
or other art work prepared totally or in part by another person.
9. Any selling, giving, or otherwise supplying to another student for use in fulfilling academic
requirement any theme, report, term paper, essay, other written work, painting, drawing,
sculpture or other art work.
10. Submitting artificially produced data or information in the place of descriptive, experimental,
or survey results.
11. Any other devious means of securing an unearned grade in a non-credit course or in a course
offered for credit.

*A student looking on another student’s paper is considered cheating.

**The presence on one’s person (or in close proximity thereto) of a condensation of test
information which could be regarded as a “cheat sheet” will be considered adequate evidence
to establish cheating.

B. Plagiarism is the use of any other person’s work (such work need not be copyrighted) and the
unacknowledged incorporation of that work in one’s own work offered for credit.”

You will not cheat or take other students’ work, nor will you tolerate those that do. Covering up
for a cheater is the same as (or worse than) cheating.

Those found cheating or collaborating in an inappropriate way will receive a grade of 0% for that
assignment on the first offence. Notification will also be sent to the CIS Program Chair, CBA Dean,
and ULM Office of Disciplinary Affairs naming all involved. Any subsequent offence will result in
an automatic grade of "F" for the class and dismissal from the course and potentially from the CIS
professional program or university.

Working with another student on any quiz or exercise designated by the instructor as an
individual exercise is considered cheating.

D. Course Evaluation Policy: At a minimum, students are expected to complete the online course
evaluation. Constructive criticism in terms of things done poorly and things done well is very helpful
in improving the quality and content of the course.

E. Student Services: The University of Louisiana at Monroe strives to serve students with special
needs through compliance with Sections 504 of the Rehabilitation Act of 1973 and the Americans

Page 4/8 Revised on: 8/20/18

 with Disabilities Act. These laws mandate that postsecondary institutions provide equal access to
programs and services for students with disabilities without creating changes to the essential
elements of the curriculum. While students with special needs are expected to meet our institution's
academic standards, they are given the opportunity to fulfill learner outcomes in alternative ways.
Examples of accommodations may include, but are not limited to, testing accommodations (oral
testing, extended time for exams), interpreters, relocation of inaccessible classrooms, permission to
audiotape lectures, note-taking assistance, and course substitutions.

Information about ULM student services can be found via these links:

 Student Success Center: http://www.ulm.edu/studentsuccess/

 Counseling Center http://www.ulm.edu/counselingcenter/
 Special Needs at http://www.ulm.edu/studentaffairs/
 Library http://www.ulm.edu/library/reference.html
 Computing Center Help Desk http://www.ulm.edu/computingcenter/helpdesk

Current college’s policies on serving students with disabilities can be obtained on the ULM website:
http://ulm.edu/counselingcenter/

 If you need accommodation because of a known or suspected disability, you should contact the
Director for Disabled Student Services at:
 Voice phone: 318-342-5220
 Fax: 318-342-5228
 Walk-In: ULM Counseling Center, 1140 University Avenue (this building and room are
handicapped accessible).

Mental Wellness on the ULM Campus

If you are having any emotional, behavioral, or social problems and would like to talk with a caring,
concerned professional, please call one of the following numbers:

 The ULM Counseling Center: 318-342-5220

 The Marriage and Family Therapy Clinic: 318- 342-9797
 The Community Counseling Center: 318-342-1263

Remember that all services are offered free to students, and all are strictly confidential.

If you have special needs that I need to be made aware of, you should contact me within the
first two days of class.

Sexual Harassment or Gender-Based Discrimination

Title IX of the Education Amendments of 1972 prohibits sex discrimination against any participant
in an educational program or activity that receives federal funds, including federal loans and grants.
Furthermore, Title IX prohibits sex discrimination to include sexual misconduct, sexual violence,
sexual harassment and retaliation. If you encounter sexual harassment or gender-based
discrimination, please contact the Title IX Coordinator at 318-342-1004; you may also file a
complaint online, 24 hours a day, at: www.ulm.edu/titleix.

Page 5/8 Revised on: 8/20/18

 F. Emergency Procedures:
In the event of fire or bomb threat, students will move to the stairwell designated by the instructor
and proceed down to the ground floor. Once outside the class will meet in the west parking area.

In the event of threat from severe weather, students will take shelter in a designated area.

ROLL WILL BE TAKEN AT THE REANDEVOUS POINT. Missing individuals will be reported
to law enforcement and fire service authorities. The instructor will designate class members to assist
students that are mobility/visually impaired.

G. Discipline/Course Specific Policies:

 Grievance Policy
You are free to express your opinions about the content and methods of instruction for the course
during office hours, valid points will be integrated into conduct of instruction. If you have a
grievance concerning the course, attempt to address the problem with the instructor. In the event
that differences cannot be reconciled, you should contact Dr. William Barnett.

 Course Standards:
The instructor is very happy to help in any way possible BUT it is not the job of an instructor to
make you submit to assistance.
The following standards will be STRICTLY enforced:
1. ANY use of a messaging device or other communication device during an exam will be
considered cheating, and result in an immediate grade of 0 on the exam. Individuals that
have small children may leave their mobile phones on in silent mode and out of sight.
2. Persistent Tardiness WILL NOT BE TOLERATED. As with a job, students are expected to
be on time to class. Roll will be taken at the beginning of each class. Any student arriving
late to class must inform the instructor at the end of class and should watch the instructor
remove the absence from the roll; otherwise, the tardy will stand as an absence.
3. Important Dates, such as drop deadlines and final exams periods, are published by the
University. It is the student’s responsibility to be informed of these dates. Ignorance is no
excuse. Do not wait until the “last minute” to inquire about your progress or to drop. The
instructor may not be available at that time.
4. If you do not understand or agree with a grade on a test/assignment, the grader or the
instructor will be happy to clarify the point. Verifiably correct answers will receive credit.
(Providing material to update current course material may even earn extra credit). The
instructor retains the right to completely re-grade the test/assignment to ensure the quality of
the grading process.
5. Assignments that are turned in late will be assessed a 20% penalty per day that they are late
for a maximum of 100%. “The correct answer to late is still the wrong answer!”
6. Assignments are due at the times and dates specified. Assignments that are turned in after
the specified cut-off time will be considered 1 day late.
7. Not checking university email or Moodle does NOT relieve students of the responsibility of
turning in work or for acting on information distributed in those forums.
8. NO work will be accepted after the last day of Final Exams.

Page 6/8 Revised on: 8/20/18

  Classroom Decorum
The university building containing an academic department or college is the professional home
of a faculty member. You will be expected to treat these surroundings with the respect they
deserve.

Disruptive classroom behaviors may result in dismissal from the lesson. Dismissed students are
responsible for any course material or assignments missed.

Page 7/8 Revised on: 8/20/18

IX. TENTATIVE COURSE SCHEDULE CINS 3044 (40277)
A. Contact Information:
 Instructor: Kriti Chauhan
 Phone: (318) 342-1141
 Email: chauhan@ulm.edu
 Office: HMPH 301B
 Office Hours: MTWR 2pm-4:30pm (and by appointment)
 Textbook: Principles of Information Security, Whitman & Mattord (Cengage Learning), 5th
edition, ISBN-13: 978-1285448367
B. Tentative Course Schedule: (Class time: TR 12:30 – 1:45 PM, HMPH 223)

Week
of Lecture Reading Important Dates Notes
20-Aug Intro to InfoSec Ch1
27-Aug Need for Security Ch2
Legal, Ethical,
3-Sep Professional issues
in InfoSec Ch3 Sep 3 (M): Labor Day
Planning for
10-Sep
Security Ch4
Planning for
17-Sep
Security Ch4
24-Sep Risk Management Ch5
Oct 11 (R): Midterm
1-Oct
Risk Management Ch5 Oct 4: Exam 1 grades due
Security
8-Oct
Technology Ch6,7
15-Oct Cryptography Ch8
22-Oct Cryptography Ch8 Oct 25: No class Oct 25, 26: Fall break
29-Oct Physical security Ch9 Oct 29: (W) Drop date
5-Nov Physical security Ch9 Nov 8: Exam 2
Implementing
12-Nov
InfoSec Ch10
Security and *Nov 21-23
19-Nov
Personnel Ch11 Nov 22: No class Thanksgiving break
Nov 29: Final Exam for
26-Nov InfoSec graduating seniors; no
Maintenance Ch12 class for others
Dec 6 (R): 10 - 11:50am
3-Dec Comprehensive Final
- Exam
*Students are responsible for reviewing any material/instructions posted by the instructor on Moodle

Grade distribution: Exams: 60% (20% each), Project: 10%, Assignments & quizzes: 30%
Grade scale: 90%+ = A, 80% to 89.99% = B, 70%-79.99% = C; 60%-69.99% = D; Below 60% = F

*The instructor reserves the right to adjust the course calendar

Page 8/8 Revised on: 8/20/18