Course Syllabus

Please note that the specifics of this course syllabus are subject to change. Instructors will notify students of any changes and students will be responsible for abiding by them. Even if you print this syllabus, please check the online version often.


IST 456: Information Security Management (3 credits) - Communication technologies have become key components in supporting critical infrastructure services in various sectors of our society. In an effort to share information and streamline operations, organizations are creating complex networked systems and opening their networks to customers, suppliers, and other business partners. Increasing network complexity, greater access, and a growing emphasis on the Internet have made information systems and network security a major concern for organizations.

IST 456 focuses on security and risk management. Students will learn:

  • Contemporary security issues
  • Security management processes
  • Architecture and models
  • Risk analysis and management
  • Security planning
  • Analysis and safeguards
  • Security policies, development, and administration
  • Contingency planning
  • Incident handling and response
  • Security standards and certification processes
  • Security certification and accreditation
  • Security inspections
  • Security processing mode
  • System certification

Major components of the course will be several case studies and a group-based project. Emphasis will be placed on developing and practicing writing and speaking skills through application of the concepts, theories, and technologies that define the course.


  • IST 220 with a C or better
  • SRA 221 with a C or better


Upon completion of this course, students will be able to:

  • Understand the issues, techniques, and technologies for security and risk management
  • Discuss various system vulnerabilities and mitigation strategies
  • Understand the role of security inspections, security certification/accreditation, and system certification
  • Understand the interactions between systems design, systems management, social factors, and the socio-political environment as it pertains to security and risk management
  • Have an understanding of the emerging ISO/IEC Information Security Management Systems (ISMS) standards - the ‘ISO-27000 series’

Note: Lesson objectives and PowerPoint presentations in the course come from the corresponding chapters in the course textbook, published by Cengage.


  • TBD


  • Materials required for this course: MindTap for Whitman/Mattord Management of Information Security, 6th Edition; 9781337405744 

  • MindTap includes the full online text and other helpful resources such as videos & study tools, as well as live virtual machine lab assignments that you will be completing in your course. You can opt to acquire either a standalone MindTap access code for the title through the MBS Direct website, OR you can acquire Cengage Unlimited (which includes MindTap access). Either option will provide you with the access and materials you need for this course.

    If you prefer to have a print copy along with your digital access, you can acquire a loose-leaf version to be shipped directly to you through the MindTap interface.

    Materials required for this course (title/platform) are also included in Cengage Unlimited, a subscription that provides easy access to all Cengage eBooks, study materials, and digital learning products. One set price of $119.99 for one semester (4 months) includes:

    • Online access to ALL Cengage textbooks. Taking two or more courses that have assigned Cengage materials? One subscription is all you need.
    • All Cengage digital learning platforms like MindTap, WebAssign, OWLv2, CNOW, SAM, and more.
    • Even after your Cengage Unlimited subscription ends, access to your digital course—like MindTap, WebAssign, OWL, SAM, and more—does not.
    • $7.99 print rental options when using a digital learning platform.
    • Tens of thousands of Cengage eBooks, study tools, test prep services and more.
    • Access to 6 eBooks after your Cengage Unlimited subscription ends.
    • Students living outside the US who want to acquire Cengage Unlimited should contact our customer support to process an international purchase at (800) 354-9706, or through the Cengage Unlimited support site.

    Longer subscription lengths available (1 year for $179.99, 2 years for $239.99). Can be purchased at bookstores or 

  • Other readings

  • This course may use a lab component which requires a minimal fee for usage. If so, your instructor will provide purchasing details in the course syllabus when the semester begins.

Assignments & Grading

Evaluation of knowledge and understanding of materials will be through written assignments, quizzes, exams, and class participation.

Grading Category Percentage of Final Grade
Quizzes 30%
Discussions (Individual) 12.5%
Exercises (Individual) 5%
Labs (Individual) 20%
Group Projects 32.5%
Total 100%

Course Grading Scale

The following are minimum cutoffs for each grade:

  • 93.00% = A
  • 90.00% = A-
  • 87.00% = B+
  • 83.00% = B
  • 80.00% = B-
  • 77.00% = C+
  • 70.00% = C
  • 60.00% = D
  • less than 60.00% = F

Course Policies and Expectations

  • Logging into Canvas - Students are expected to log in regularly to check for course updates, announcements, emails, discussions, etc.
  • All course-related electronic mail must use Canvas. You have my cell number in case of an emergency. You may SMS me, but please be sure to say who you are and what class you are in.
  • Attending virtual meetings - Students are expected to use the specified virtual meeting tool(s) for collaboration, meetings, presentations, etc., as needed.
  • Late assignments will receive a 10% penalty unless prior approval is given. No assignment will be accepted more than 1 week late without instructor approval.

Academic Integrity

Penn State and the College of Information Sciences and Technology are committed to maintaining Penn State's policy on Academic Integrity in this and all other courses. We take academic integrity matters seriously and expect you to become a partner to the University/College standards of academic excellence.

For more information, please review these policies and procedures:

WARNING: In addition to other policies, using any material in any media format - from “answer sites” (such as Course Hero, Chegg, and all others) and/or other types of sources - is considered CHEATING and will not be tolerated. Sanctions range from failure of the assignment or course to dismissal from the University. Contact your instructor with questions related to this topic.

University Policies

Review current information regarding various Penn State policies (such as copyright, counseling, psychological services, disability and military accommodations, discrimination, harassment, emergencies, trade names, etc.) on the University Policies page.


Find extensive information and links to many Penn State and IST resources (including the Penn State libraries, video conferencing tools, technology and software, writing and research help, and much more) on the Resources page.

Technical Requirements

Standard World Campus computer technical specifications are assumed for this course. Please test your computer for requirements. In addition, a webcam and a headset with a microphone are REQUIRED for the course. These may be used for virtual meetings, virtual office hours, interactions with classmates and your instructor, and group presentations - which are all conducted with virtual meeting tools. No special software is required.


The following schedule outlines the topics covered in this course, along with the associated time frames, readings, activities, and assignments. All due dates reflect Eastern Time (ET). Specifying the time zone ensures that all students have the same deadlines, regardless of where they live.
