Information Assurance
MARA 286

Andrew Ysasi, MS, CRM/CIGO, FIP, FIIM, CIPM, CISM, PMP, IGP, CIP, CSAP

Office Hours: by appointment

An overview of Information Assurance and Risk Management theories, principles, and techniques. Examines the information assurance frameworks and risk management planning structures used to ensure that an organization's information resources and assets are protected.

Letter Graded

Expectations

Students are expected to participate fully in all class activities. It is expected that students will be open-minded and participate fully in discussions in class and debate in a mature and respectful manner. Use of derogatory, condescending, or offensive language including profanity is prohibited. Disagreement is healthy and perfectly acceptable. Expressing disagreement should always include an explanation of your reasoning and, whenever possible, evidence to support your position. In accordance with San José State University's Policies, the Student Code of Conduct, and applicable state and federal laws, discrimination based on gender, gender identity, gender expression, race, nationality, ethnicity, religion, sexual orientation, or disability is prohibited in any form.

Course Workload

Success in this course is based on the expectation that students will spend, for each unit of credit, a minimum of forty-five hours over the length of the course (normally 3 hours per unit per week with 1 of the hours used for lecture) for instruction or preparation/studying or course related activities including but not limited to internships, labs, clinical practica. Other course structures will have equivalent workload expectations as described in the syllabus.

Instructional time may include but is not limited to:
Working on posted modules or lessons prepared by the instructor; discussion forum interactions with the instructor and/or other students; making presentations and getting feedback from the instructor; attending office hours or other synchronous sessions with the instructor.

Student time outside of class:
In any seven-day period, a student is expected to be academically engaged through submitting an academic assignment; taking an exam or an interactive tutorial, or computer-assisted instruction; building websites, blogs, databases, social media presentations; attending a study group; contributing to an academic online discussion; writing papers; reading articles; conducting research; engaging in small group work.

Core Competencies (Program Learning Outcomes) Supported

MARA 286 supports the following core competencies:

Upon successful completion of the course, students will be able to:

1. Design, support, and evaluate an Information Assurance (IA) Governance Program for an organization.
2. Identify and assess information security and privacy risks/vulnerabilities and select and evaluate appropriate technical and business solutions to mitigate the risk for an organization.

Textbooks

Required Textbooks:

• Andress, J. (2019). Foundation of information security: A straightforward introduction. No Starch Press. Available through the King Library.

Course Grading

Grading will be based on a total accumulation of possible 100 points, distributed as follows:

• Class Participation and Discussion - 30 points (30% of final grade)
  (Supports CLOs #1-2)
  Participation in weekly discussion boards
  Due: Weekly
• Assignment #1—20 points (20% of final grade)
  (Supports CLOs #2)
  The Information Assurance/Security Risk Identification, Assessment, Response, Mitigation, and Control Assignment
• Assignment #2—20 points (20% of final grade)
  (Supports CLOs #1)
  The History and Development of Security Technology Assignment
• Final Course Assignment - Research Paper—30 points (30 % of final grade)
  (Supports CLOs #1-2)
  Evaluate an organization that has suffered a data breach within the past year.  Describe the breach, what was done after the breach, what you would have done differently, and what recommendations you would make to prevent future breaches.  Students are allowed to evaluate multiple organizations to meet the submission options below.

Submission options are an 8-10 page APA formatted paper, 16-20 PowerPoint slides (notes required in slides) with a separate APA formatted reference page, or a Podcast that is 16-20 minutes long with a separate APA formatted reference page (Podcast can be audio only).  Please have a minimum of eight references to support your research, regardless of the submission option chosen.

Grading

Assignments will be accepted after five days past the due date unless arrangements have been made otherwise between the student and instructor before the due date.  Late assignments submitted after the assignment deadline will receive a 10% point reduction for each day for up to 5 days based on the total point value of the assignment. No points will be awarded after 5 days late.

Discussion board postings will not be accepted for credit after the module's discussion has ended.

All course materials must be completed by the last day of the class unless the student and the instructor, in compliance with University guidelines, have agreed upon other arrangements.

NOTE: Students should provide their initial discussion board posts by the first Thursday of each module by 11:59 pm (Pacific Time), to leave ample time for follow-up discussion. Please participate early and actively in the required discussions.

Details for all the discussions and assignments will be provided in Canvas.

Assignments Due

Unless otherwise noted, each module begins on Monday and ends on Sunday. Assignments will be due by 11:59 pm (Pacific Time) on the due date.

The standard SJSU School of Information Grading Scale is utilized for all iSchool courses:

In order to provide consistent guidelines for assessment for graduate level work in the School, these terms are applied to letter grades:

• C represents Adequate work; a grade of "C" counts for credit for the course;
• B represents Good work; a grade of "B" clearly meets the standards for graduate level work or undergraduate (for BS-ISDA);
  For core courses in the MLIS program (not MARA, Informatics, BS-ISDA) — INFO 200, INFO 202, INFO 204 — the iSchool requires that students earn a B in the course. If the grade is less than B (B- or lower) after the first attempt you will be placed on administrative probation. You must repeat the class if you wish to stay in the program. If - on the second attempt - you do not pass the class with a grade of B or better (not B- but B) you will be disqualified.
  
• A represents Exceptional work; a grade of "A" will be assigned for outstanding work only.

Graduate Students are advised that it is their responsibility to maintain a 3.0 Grade Point Average (GPA). Undergraduates must maintain a 2.0 Grade Point Average (GPA).

Per University Policy S16-9 (PDF), relevant university policy concerning all courses, such as student responsibilities, academic integrity, accommodations, dropping and adding, consent for recording of class, etc. and available student services (e.g. learning assistance, counseling, and other resources) are listed on the Syllabus Information web page. Make sure to visit this page to review and be aware of these university policies and resources.