Instructor:
Raymond J. Curts, PhD
Office Hours: One Hour Prior to Class
Engineering Building, Room 5306
Logistics:
Course Dates: 31 August through 21 December 2015
Location: Arts & Design Building L008
Meeting Day: Mondays
Meeting Time: 7:20 PM – 10:00 PM
Reference #: Section 001 - CRN 72852
Administrative Support:
Computer Science Department Office
Engineering Building
Room 4300
703-993-1530
Course Description:
|
ISA 650 Federal IT
Security Policy (3:3:0) Focuses on security policy and its management for
information systems having national and international connectivity. Issues include legal, international,
cultural, and local factors. Students
are expected to participate regularly in presenting material, in discussion
of recent security issues, and by writing short papers on significant current
issues. This course provides insight into the Federal Information Security Framework including noteworthy legislation, regulations and compliance issues, as well as commonalities and significant differences between departments and agencies within the Federal Executive Branch (FEB). The course will be presented as formal lectures complimented by group discussion. Each topic will be addressed as part of the larger Federal IT Security structure. |
Textbooks:
|
Required Reading: |
No specific readings
prescribed. Students will
research class topics as appropriate. |
|
Recommended
Reading: |
Various government legislation, regulations, executive orders, reports, policies, directives, instructions, current news articles and related web sites. |
Schedule:
The course schedule will follow the outline below; however, it may be rearranged as the term progresses to allow for weather closures and one or two guest lecturers from industry as time permits. Homework is assigned throughout the semester as indicated. Additional homework, not listed here, may be assigned from time to time. There is no textbook for this course. Students are encouraged to consult the recommended readings and Blackboard links for additional information. All readings are from web accessible documents unless otherwise indicated.
|
Lecture |
Date |
Topic |
Assignments |
|
1 |
08/31/15 |
Introduction to the FEB and the
Federal Information Security Environment |
|
|
|
09/07/15 |
Labor Day – No Class |
|
|
2 |
09/14/15 |
Legislation & Executive Office of the
President (EoP) |
Law or EoP Article |
|
3 |
09/21/15 |
Department of Defense (DoD) |
DoD Article |
|
4 |
09/28/15 |
Intelligence Community (IC) |
IC Article |
|
5 |
10/05/15 |
National Institute of Standards
(NIST) |
NIST Article |
|
|
10/12/15 |
Columbus Day – No Class |
|
|
6 |
10/13/15 Tuesday |
CNSS, Department of Homeland Security
(DHS) |
CNSS or DHS Article |
|
7 |
10/19/15 |
NGA, OMB, Other FEB & Quasi-
Government Agencies; MidTerm Review |
NGA, or OMB Article |
|
|
10/26/15 |
Mid-Term Exam |
|
|
8 |
11/02/15 |
Compliance, Paper & Presentation Guidelines |
Compliance Article |
|
9 |
11/09/15 |
Federal Enterprise Architecture
(FEA) |
FEA Article |
|
10 |
11/16/15 |
Federal Information Security
Frameworks, Federal IT Management Reform |
Framework or Reform Article |
|
11 |
11/23/15 |
Specific Compliance, Certification and Accreditation
(C&A), Risk Management Framework (RMF) |
C&A / RMF Article |
|
12 |
11/30/15 |
Implementation and Contingency
Planning, Final Exam Review |
Planning Article |
|
13 |
12/07/15 |
Student Research Presentations Paper & Presentation
Due Before Class |
Research Paper &
Presentation |
|
12/14/15 |
Final Exam |
Attendance Policy
Students are expected to attend each class, to complete any required preparatory work (including assignments – see schedule above) and to participate actively in lectures, discussions and exercises. As members of the academic community, all students are expected to contribute to class discussions regardless of their proficiency with the subject matter.
Students are expected to make prior arrangements with the instructor if they know in advance that they will miss a class and to consult with the instructor as soon as possible if they miss any class without prior notice.
Departmental policy requires students to take exams at the scheduled time and place, unless there are truly compelling circumstances supported by appropriate, written documentation. Except in such circumstances, failure to attend a scheduled exam may result in a score of zero (0) for that exam.
Classroom Conduct
Students are expected to be punctual, alert, and prepared for each class. Be considerate of other students, i.e., be quiet for the duration of the class period, except when you have something to contribute to the entire class. Please feel free to ask questions and / or offer pertinent comments in class. If you are confused, more than likely, someone else is too. If you need extra help, please schedule an appointment with the instructor. Cell phones have no place in class; either leave them behind or turn them off prior to entering the classroom. In addition, GMU policy prohibits food of any kind in classrooms.
Communications
Communication with the instructor on issues relating to an individual student should be conducted using GMU email, or in person, not the public forums on Blackboard. GMU email is the preferred method for communicating with the instructor (rcurts@gmu.edu). Email messages from the instructor to all class members will be sent to students' GMU email addresses – if you use another email account as your primary address, you should forward your GMU email to that account.
Registered students will be given access to a section of Blackboard for this course. Blackboard will be used as the primary mechanism (outside of lectures) to disseminate course information, including this syllabus, schedules, announcements, lecture slides, homework, other assignments and scores for homework, the research project and exams.
Lecture slides are complements to the lecture process, not substitutes for it - access to lecture slides will be provided in Blackboard as a courtesy to students provided acceptable attendance is maintained.
All course materials (lecture slides, assignment specifications, etc.) are published on Blackboard in Adobe® Portable Document Format (PDF). This allows users of most computing platforms to view and print these files. Microsoft® Office, MS Visio, or a compatible set of applications is required for the research project and all assignments.
The Discussion section of Blackboard is provided for the use of students. The instructor will NOT monitor Blackboard discussions on a regular basis. However, GMU email will be answered promptly, usually within 24 hrs.
Policies & The University Honor Code
The homework and all other assignments in this course represent individual work. As always the GMU Honor Code holds. Stated in English, do the work yourself. If you need help, see the instructor. The most frequent violations of the university honor code and policies include but are not limited to:
v Copying or sharing a file / homework or any portion of a file / homework from / with another student.
v Sharing or allowing another student to copy your files / homework or any portion of a file / homework.
v Duplicating or distributing unauthorized copies of copyrighted software programs, lectures, publications or other materials.
v Unauthorized access or use of university computers, computer systems, or computer networks.
v Creating, sending or distributing electronic chain letters or Spam.
v Using a disk containing a virus in a computer lab or computer system, or distributing the virus on the computer network.
v Using the university computers, computer system, or computer network to view or distribute profanity or objectionable material.
See: http://www.gmu.edu/academics/catalog/9798/honorcod.html
Homework / Discussion Topics
Homework for this course will be independent research oriented. Students are required to supplement the lecture materials with recent literature. Prior to each lecture, students are expected to find current literature that is related to IT and the material covered by the lecture, and provide a synopsis of the article(s) to the class during the class period as indicated on the schedule. Synopses are to be presented during each class period for group discussion. Literature synopses will be graded upon their relevance to IT, the discussed lecture, quality of the publication from which they are drawn, presentation quality (summary, key points, conclusions) and degree of student understanding of the information presented (determined through question and answer discussions). All synopsis presentations must be accompanied by a one page (maximum) summary which will be uploaded to Blackboard prior to class. Summaries shall include the article reference citation in MLA format, a brief article summary, discussion of key points, as well as the student’s personal assessment and conclusions, in the format provided. Research that indicates new advances in technology, major changes in government policy and / or the impacts of technology / federal policy on the Federal IT, IA or IT Security environment is encouraged. Each homework submission must relate to both IT / IA / IT security and the lecture topic.
Homework is submitted through Blackboard and is due before class on the date specified. All homework materials (charts, diagrams, text, etc.) may be generated in MS Office and / or Office compatible software as appropriate, and uploaded to Blackboard. Be sure to include your name in the header of all homework assignments. The instructor teaches multiple sections. Therefore, in order to ensure that homework is properly credited all homework files shall use the following naming convention:
ISA 650 001 F15 L?? Username.xxxx
Where “??” represents the two digit lecture number, “Username” is your student email / Blackboard ID and “xxxx” represents the type of document (.docx, .xlsx, .pptx, .zipx, etc.). If your submission requires multiple files, combining them into a single Zip file for upload is recommended. For example, homework for lecture number two, submitted by a student named John Smith, using a Zip format would be labeled:
ISA 650 001 F15 L02 JSmith.zip.
All homework is required to be submitted on time in order to receive credit. Except in VERY EXTRAORDINARY circumstances,
LATE HOMEWORK WILL NOT BE ACCEPTED.
All
homework assignments are completed by the student and presented to the
instructor as partial fulfillment of course requirements. As such the instructor and the University
reserve the right to use student coursework as classroom examples for this
class, future courses / classes, and other educational purposes as appropriate.
Research Paper
Students shall be organized into groups; the number and size of the groups depends upon enrollment. Each group shall prepare a 10 page (minimum) research paper on a topic assigned by the instructor. Research papers shall be double spaced with 1” margins and Times New Roman 12 point font. Page requirements are exclusive of title page, table of contents, abstract, index, bibliography, appendices and other such ancillary material. It is the responsibility of the individual group / student to analyze the topic and provide a meaningful summary, discussion, conclusions, recommendations and, where appropriate, propose effective information technology policy-based solutions. Keep in mind that finding fault is easy – and, it has been done numerous times before by many researchers. The hard (and more interesting) part is developing a workable solution.
Research papers are intended to be an in-depth look at some issue relevant to course material. As such they should provide insight well beyond what has been discussed in class, books, journals, newspapers, magazines, web sites, blogs or other media. Research papers are NOT to be a summary nor a restatement of previously covered ground. On the contrary, they should add to the body of knowledge in the area of Federal IT Policy or some closely related issue as assigned.
Class Presentation
Each group shall prepare a short classroom presentation summarizing their research paper. Classroom presentations shall include approximately 10 - 15 slides and a 20 - 30 minute synopsis of the research paper followed by 5 - 10 minutes for questions and answers. The actual length of the presentations depends upon the number of groups / enrollment. Each member of the group must participate in the presentation. Students should be prepared to field questions as time permits. Presentations will be graded on the degree to which a systematic approach to problem solving was followed and on the extent to which the conclusions and proposed solutions were researched and substantiated. The instructor’s grading will be supplemented by peer grading.
If you are concerned or confused about some
aspect of this project,
discuss it with the instructor
WELL BEFORE
it is
due and in time to make adjustments as necessary.
As with homework, all research papers and classroom presentations are completed by the student and presented to the instructor as partial fulfillment of course requirements. As such the instructor and the University reserve the right to use student coursework as classroom examples for this class, future courses / classes, and other educational purposes as appropriate.
In accordance with department policy, students who arrive more than 15 minutes late for any exam will not be permitted to take the exam and will automatically receive a grade of zero for the exam. Makeup exams are very rarely given. Requests for a delayed exam due to multiple tests (>2) in one day will ONLY be considered if the proper forms are completed and in the instructor's hands well before the scheduled exam date.
Exams are intended to test the students’ knowledge of the materials discussed in the readings and lectures. Consequently, each test may include one or two Short Answer and / or Essay questions, plus Completion, True/False, Multiple Choice, Multiple Response and Matching type questions.
Quizzes
& Exercises
Exercises and quizzes may be conducted in selected class
sessions throughout the semester. Quizzes
and exercises will not be announced in advance. Any student who misses an exercise or quiz due
to an unexcused absence will receive zero (0) for that exercise
Grading
Grades will be awarded in accordance with the GMU Graduate Grading System as follows:
|
Numeric Grade |
Grade |
Quality Points |
Pass / Fail |
||
|
97% |
- |
100% |
A+ |
4 |
Satisfactory / Passing |
|
94% |
- |
96% |
A |
4 |
Satisfactory / Passing |
|
90% |
- |
93% |
A- |
3.67 |
Satisfactory / Passing |
|
87% |
- |
89% |
B+ |
3.33 |
Satisfactory / Passing |
|
83% |
- |
86% |
B |
3 |
Satisfactory / Passing |
|
80% |
- |
82% |
B- |
2.67 |
Satisfactory* / Passing |
|
70% |
- |
79% |
C |
2 |
Unsatisfactory / Passing |
|
0% |
- |
69% |
F |
0 |
Unsatisfactory / Failing |
* Although a B- is
a satisfactory grade for a course at this level, students must maintain a 3.00
average in their degree program and present a 3.00 GPA on the courses listed on
the graduation application.
Raw scores may be adjusted (i.e., a curve may be applied) by the instructor to calculate final grades. Grades will be assigned as follows:
15% - Homework / Quizzes / Participation
20% - Mid Term Exam
20% - Final Exam
25% - Research Paper
20% - Research Presentation
Note that homework, quizzes and class participation account for 15% of your grade. Failure to submit homework on time, skipping class, or failing to participate in classroom discussions and exercises will have a significant negative impact on your final grade.
If you have
any questions or concerns related to any aspect of this course and/or related requirements,
discuss them with the Instructor
Well BEFORE
they become
an issue.