Skip to Main Content Skip to bottom Skip to Chat, Email, Text

CYB/407
Information Systems Risk Controls and Auditing Management

Course level: Undergraduate

Information Technology

Online

Format

$1,194

Estimated Tuition

3 credits

Total credits

5 weeks

Course length

Take this course on its own, or as part of a degree or certificate program.

Start when you're ready

Choose an upcoming start date:

Enroll by 1pm Central:

Please Note: Attendance and participation are mandatory in all University courses, and specific requirements may differ by course. If attendance requirements are not met, a student may be removed from the course. Please review the Course Attendance Policy in the Catalog for more information.

University of Phoenix reserves the right to modify courses. While widely available, not all programs are available to residents of all states. Please check with a University Enrollment Representative.

This course focuses on information security management principles. It will cover Designing-Deploying and Managing Security Controls, Security Control Types and Objects, Implementing Control and Assurance Frameworks, and Audit Management.

Required materials

Additional course materials not included in the resource fee, are required or recommended for this course. Please review  course material information.

You can order your textbooks from the  University bookstore.

Please Note: Attendance and participation are mandatory in all University courses, and specific requirements may differ by course. If attendance requirements are not met, a student may be removed from the course. Please review the Course Attendance Policy in the Catalog for more information.

University of Phoenix reserves the right to modify courses. While widely available, not all programs are available to residents of all states. Please check with a University Enrollment Representative.

Earn these career-relevant skills in weeks, not years.

  • Categorize information systems based on the information stored, transmitted, and processed.
  • Analyze the Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (formerly the SANS 20).
  • Explain the relationship between Critical Controls, International Organization for Standardization/International Electro-technical Commission (ISO/IEC), National Institute of Standards and Technology (NIST), and Control Objectives for Information and Related Technologies (COBIT).
  • Specify the risk management framework to be used for developing the security plan.

  • Define the functional roles of the Information System Owner, Common Control Provider, Information Owner/Steward, Information System Security Officer, Information System Security Engineer, Risk Executive (Function), Authorizing Official or Designated Representative, Chief Information Officer, and Senior Information Security Officer.
  • Identify and prioritize the attack vectors of a specified industry and organization.
  • Select ten appropriate security controls, including system-specific controls, common controls, and hybrid controls.
  • Plan for management of security controls using a security toolkit application.

  • Provide polices that map to appropriate security controls for the specified organization including system-specific controls, common controls, and hybrid controls.
  • Describe assessment objects, mechanisms, and specifications.
  • Develop a security assessment plan.
  • Distinguish assurance professional roles and responsibilities in the review and approval of an assessment plan.

  • Distinguish information gathering tools and techniques used to assess and monitor security controls.
  • Exemplify the assessment of security controls as defined in the security assessment plan.
  • Provide a security assessment report.
  • Communicate organizational risk, risk tolerance, and risk acceptance.

  • Classify information system operation authorization.
  • Describe how Control Objectives for Information and Related Technologies (COBIT), from an audit perspective, is used to manage a POA&M.
  • Produce a Plan of Actions and Milestones (POA&M) based on the findings and recommendation of the security assessment report.
  • Provide security and audit plans and policies to support continuous improvement to organizational stakeholders.

Why take courses at University of Phoenix?

University of Phoenix serves busy adults

Accreditation that matters

We’ve been accredited by the Higher Learning Commission (hlcommission.org) for more than 40 years.

Real-world instructors

Learn from instructors who bring an average of 25 years of working experience to the classroom.

Affordable and potentially reimbursable

Our tuition and fees are competitive and fixed. Also, check to see if your employer will cover you for this course.

Transfer-friendly courses

Before you enroll in a course, check with your school of choice to make sure they will accept your transfer credits and to understand any requirements or limitations. Then you can request your transcripts.

Transferability of credit is at the discretion of the receiving institution. It is the student’s responsibility to confirm whether or not credits earned at University of Phoenix will be accepted by another institution of the student’s choice. If you have a question contact us at (866) 354-1800.

Enrollment representative Sarah P.

Enrollment Rep. Sarah P.

Start a conversation about your future today.

Speak with an enrollment representative.

Call 844-937-8679 or chat with us 7 days a week.

University of Phoenix reserves the right to modify courses. Although our continuing teacher education courses are accepted by some state agencies in the United States toward teacher certifications and endorsements, this may not be the case in all states or foreign jurisdictions. If you plan to use courses for certification or endorsement, please check with your own state agency and your school district for applicability. Continuing teacher education courses are not eligible to apply to degree programs at University of Phoenix. These courses are not eligible for federal financial aid. While widely available, not all programs are available to residents of all states. Please check with a University Enrollment Representative. If you have a question contact us at (866) 354-1800.