IT 505 GOVERNANCE, RISK & COMPLIANCE

This course examines the triad of Governance, Risk and Compliance (GRC) as an essential framework for the management of information technology with business. Governance describes the overall management approach through which senior executives direct and control the entire organization. IT Governance is part of overall governance and focused on determining how best to use technology to support business goals. Risk management comprises a set of processes, tools and techniques to assist the organization in identifying and prioritizing its key assets, identifying risks, qualitatively and quantitatively assessing those risks, and determine mitigation strategies. Compliance refers to the responsibility of organizations and their technology departments to comply with internal and external requirements. Topics include governance and risk frameworks, legal and regulatory requirements such as SOX, HIPAA, FERPA, FISMA, NERC, FERC, BASEL II, ISO and PCI.

Credits

3

Prerequisite

MSIT and CS certificate: None; MSITL, MBA/MSITL and MBACYBER: MGT 502 (may be taken concurrently)

Distribution

INFORMATION TECHNOLOGY