MSC 5701 Cybersecurity Governance and Compliance

The course highlights the broad requirements for effective governance, the elements and actions required to develop a cybersecurity strategy and a plan of action to implement the corresponding cybersecurity program. The focus is on the alignment of security strategy with business goals, objectives, and corporate governance. Students will learn about the effective governance and management components of IT and cybersecurity. Topics include frameworks, standards, policies, procedures, organizational structures, enterprise architecture, risk management, protection of assets, maturity models, laws, regulations, IT resource management, IT service acquisition and management, quality management and performance management. The role of the Board of Directors (BOD), how to communicate with the BOD, the objectivity and independence of the various roles, e.g., where cybersecurity should be positioned in an organization, will also be covered in this course.