May 26, 2024  
College Catalog 2023-2024 
College Catalog 2023-2024 [ARCHIVED CATALOG]

Add to Favorites (opens a new window)

ITIA 2310 - Information Security Policies & Risk Management

Credit Hours: 3.00

Prerequisites: ITIA 1200  

(formerly ITIA 1400 and ITIA 2300)

Students will analyze existing laws and policies and explain how they affect the security of a company or its users. They will use project‑based assignments to write security policies. Students will also analyze existing systems for vulnerabilities and risks and make recommendations for mitigation. Provided a scenario where a system breach has occurred, students will recommend the appropriate response. Students will create a basic risk assessment report for a fictional company.

Billable Contact Hours: 3

Search for Sections
Transfer Possibilities
Michigan Transfer Network (MiTransfer) - Utilize this website to easily search how your credits transfer to colleges and universities.
Outcome 1: Explain how a law or policy affects the security of a company or its users.


  1. Describe how the type of legal dispute (civil, criminal, private) affects the evidence used to resolve it.
  2. Describe the responsibilities related to the handling of information about vulnerabilities.
  3. Describe the major components of laws (example: FERPA, HIPAA) and policies that relate to cyber security.

Outcome 2: Recommend appropriate measures to prevent or respond to a computer system compromise.


  1. Analyze common security failures and identify specific design principles that have been violated.
  2. Describe appropriate measures to be taken should a system compromise occur.
  3. Describe potential system attacks and the actors that might perform them.

Outcome 3: Recommend security technologies/methods to reduce vulnerabilities and risks.


  1. Identify vulnerabilities and risks in a typical system.
  2. Explain which security technologies/methods mitigate specific vulnerabilities and risks.
  3. Analyze data from a security breach.

Outcome 4: Prepare a security policy and basic risk assessment.


  1. Write a security policy.
  2. Create a basic risk assessment.

  • Communication: The graduate can communicate effectively for the intended purpose and audience.
  • Critical Thinking: The graduate can make informed decisions after analyzing information or evidence related to the issue.
  • Global Literacy: The graduate can analyze human behavior or experiences through cultural, social, political, or economic perspectives.
  • Information Literacy: The graduate can responsibly use information gathered from a variety of formats in order to complete a task.
  • Quantitative Reasoning: The graduate can apply quantitative methods or evidence to solve problems or make judgments.
  • Scientific Literacy: The graduate can produce or interpret scientific information presented in a variety of formats.
CDO marked YES apply to this course:
Communication: YES
Critical Thinking: YES
Information Literacy: YES
Quantitative Reasoning: YES

  1. Laws and policies related to cyber security
  2. System attacks and failures
  3. Risks and vulnerabilities
  4. Mitigation strategies
  5. Basic risk assess

Primary Faculty
Nabozny, Keith
Secondary Faculty

Associate Dean
Evans-Mach, Patrick
Balsamo, Michael

Primary Syllabus - Macomb Community College, 14500 E 12 Mile Road, Warren, MI 48088

Add to Favorites (opens a new window)