Skip to Main Content Skip to bottom Skip to Chat, Email, Text
Back to Program

CYB/407

Information Technology

Information Systems Risk Controls and Auditing Management

Online

Format

$1,194

Estimated Tuition

credits

Total credits

weeks

Course length

Request info

Start when you're ready

Choose an upcoming start date:

Enroll by 1pm Central:

Take this course on its own, or as part of a degree or certificate program.

View all programs

Please Note: Attendance and participation are mandatory in all University courses, and specific requirements may differ by course. If attendance requirements are not met, a student may be removed from the course. Please review the Course Attendance Policy in the Catalog for more information.

University of Phoenix reserves the right to modify courses. While widely available, not all programs are available to residents of all states. Please check with a University Enrollment Representative.

Course level: Undergraduate

This course focuses on information security management principles. It will cover Designing-Deploying and Managing Security Controls, Security Control Types and Objects, Implementing Control and Assurance Frameworks, and Audit Management.

Prerequisites

CYB/405 – Information Systems Governance or equivalent

Required materials

Additional course materials not included in the resource fee, are required or recommended for this course. Please review  course material information.

You can order your textbooks from the  University bookstore.

Please Note: Attendance and participation are mandatory in all University courses, and specific requirements may differ by course. If attendance requirements are not met, a student may be removed from the course. Please review the Course Attendance Policy in the Catalog for more information.

University of Phoenix reserves the right to modify courses. While widely available, not all programs are available to residents of all states. Please check with a University Enrollment Representative.

What you'll learn

Course skills and outcomes

  • Categorize information systems based on the information stored, transmitted, and processed.
  • Analyze the Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense (formerly the SANS 20).
  • Explain the relationship between Critical Controls, International Organization for Standardization/International Electro-technical Commission (ISO/IEC), National Institute of Standards and Technology (NIST), and Control Objectives for Information and Related Technologies (COBIT).
  • Specify the risk management framework to be used for developing the security plan.

  • Define the functional roles of the Information System Owner, Common Control Provider, Information Owner/Steward, Information System Security Officer, Information System Security Engineer, Risk Executive (Function), Authorizing Official or Designated Representative, Chief Information Officer, and Senior Information Security Officer.
  • Identify and prioritize the attack vectors of a specified industry and organization.
  • Select ten appropriate security controls, including system-specific controls, common controls, and hybrid controls.
  • Plan for management of security controls using a security toolkit application.

  • Provide polices that map to appropriate security controls for the specified organization including system-specific controls, common controls, and hybrid controls.
  • Describe assessment objects, mechanisms, and specifications.
  • Develop a security assessment plan.
  • Distinguish assurance professional roles and responsibilities in the review and approval of an assessment plan.

  • Distinguish information gathering tools and techniques used to assess and monitor security controls.
  • Exemplify the assessment of security controls as defined in the security assessment plan.
  • Provide a security assessment report.
  • Communicate organizational risk, risk tolerance, and risk acceptance.

  • Classify information system operation authorization.
  • Describe how Control Objectives for Information and Related Technologies (COBIT), from an audit perspective, is used to manage a POA&M.
  • Produce a Plan of Actions and Milestones (POA&M) based on the findings and recommendation of the security assessment report.
  • Provide security and audit plans and policies to support continuous improvement to organizational stakeholders.

Why UOPX

Why take courses at University of Phoenix

Accreditation that matters

We’ve been accredited by the Higher Learning Commission (hlcommission.org) for more than 40 years.

Real-world instructors

Learn from instructors who bring an average of 25 years of working experience to the classroom.

Affordable and potentially reimbursable

Our tuition and fees are competitive and fixed. Also, check to see if your employer will cover you for this course.

Next Steps

Smiling enrollment representative

Start a conversation about your future with an enrollment representative today.

Call 844-937-8679
Start chatting

Transfer Credits

Credit Transfer

Need to transfer credits to another college or university?

Before you enroll in a course, check with your school of choice to make sure they will accept our transfer credits and to understand any requirements or limitations. Then you can complete your course, and request your official transcript be sent to your school. That’s it!

How to request your transcripts

Transferability of credit is at the discretion of the receiving institution. It is the student’s responsibility to confirm whether or not credits earned at University of Phoenix will be accepted by another institution of the student’s choice. If you have a question contact us at (866) 354-1800.

The University of Phoenix reserves the right to modify courses. Although our continuing teacher education courses are accepted by some state agencies in the United States toward teacher certifications and endorsements, this may not be the case in all states or foreign jurisdictions. If you plan to use courses for certification or endorsement, please check with your own state agency and your school district for applicability. Continuing teacher education courses are not eligible to apply to degree programs at University of Phoenix. These courses are not eligible for federal financial aid. Transferability of credit is at the discretion of the receiving institution. It is the student’s responsibility to confirm whether or not credits earned at University of Phoenix will be accepted by another institution of the student’s choice. While widely available, not all programs are available to residents of all states. Please check with a University Enrollment Representative. If you have a question contact us at (866) 354-1800.