Information Security Management

This one-year Ontario Graduate Certificate program is designed to provide students with a holistic approach to information systems security as it applies to business.  The program will provide a broad understanding of security concepts and concentrate on industry best practices for information security.  Students will gain the knowledge required to manage both the strategic and operational aspects of information security.

The students will develop the skills to identify vulnerabilities to business and implement effective safeguards to minimize risks to acceptable levels.  They will learn detailed practical aspects of security such as risk analysis, vulnerability testing, writing security policies, implementing access controls and performing security audits.  An emphasis will be placed on interpersonal, organizational, technical, communication and problem-solving skills applied to enhance the effective implementation of security in a business environment.

What You’ll Learn

• Apply knowledge of computer operating systems, networking, and various application software to the simulation of business processes.
• Develop best practices to protect business resources through the application of knowledge of vulnerabilities and exploits.
• Develop security strategies for the deployment of security procedures and protective devices.
• Integrate information technology strategies that support business functions by employing knowledge of best practices of business processes and systems.
• Develop security plans and strategies to include acceptable use of business information and systems by internal employees, contractors, consultants, business partners and customers.
• Develop security plans and strategies to ensure the integrity of information in compliance with best practices, relevant policies, standards, and regulations.
• Apply project management principles in the deployment of security policies and strategies.
• Perform security audits to ensure compliance with security plans, policies, standards, regulations and best practices.
• Develop and deliver a corporate training program to communicate both orally and in writing the security requirements for compliance with security policies.
• Prepare security documentation for approval by senior management and present results of security audits.