• Overview - 2018/2019

    Protecting the private and personal information of industries and people is not only a vital and important career, it's also never been more in demand. If you're technically minded and are looking to add to your already impressive resume, the Information Security Management program will give your future career the boost it needs.

    To fit in with your busy schedule, the program is available 100% online or in a traditional in-class format (full-time or part-time) with September, January or May admissions. Once you've chosen schedule that best suits your needs, you'll learn how to manage both the operational and strategic aspects of information security. In just eight months, you'll develop the skills to identify how a business is vulnerable, and how to best safeguard their information. You'll also learn detailed practical aspects of security such as risk analysis, vulnerability testing, writing security policies, implementing access controls, and performing security audits.

    When you graduate, your career options will be as diverse as your future clients. Work as a Security Analyst, in the public or private sectors. Give your career security while helping companies keep their data safe.

     

     

    Program Coordinator:

    Clive Wright
    Phone: 519-452-4430 x6082

  • Admission Requirements - 2018/2019

    A Two- or Three-Year College Diploma, or a Degree in a computing related field
    OR
    Acceptable combination of related work experience and post-secondary education as judged by the College to be equivalent to the above

    English Language Requirements

    Applicants whose first language is not English will be required to demonstrate proficiency in English by one of the following methods:

    • A Grade 12 College Stream or University Stream English credit from an Ontario Secondary School, or equivalent, depending on the program's Admission Requirements
    • Test of English as a Foreign Language (TOEFL) test with a minimum score of 570 for the paper-based test (PBT), or 88 for the Internet-based test (iBT), with test results within the last two years
    • International English Language Testing System (IELTS) Academic test with an overall score of 6.5 with no score less than 6.0 in any of the four bands, with test results within the last two years
    • Canadian Academic English Language (CAEL) test with an overall score of 70 with no score less than 60 in any of the four bands, with test results within the last two years
    • Pearson Test of English Academic (PTE) with a minimum score of 59, with test results within the last two years
    • A Cambridge English Test (FCE/CAE/CPE) with an overall score on the Cambridge English Scale of 176 with no language skill less than 169, with test results within the last two years
    • An English Language Evaluation (ELE) at Fanshawe College with a minimum score of 75% in all sections of the test, with test results within the last two years
    • Fanshawe College ESL4/GAP5 students: Minimum grade of 80% in ESL4/GAP5 Level 9 or 75% in ESL4/GAP5 Level 10

    Recommended Academic Preparation

    • Previous business or IT post-secondary education and/or training and/or work experience.

    Applicant Selection Criteria

    Where the number of eligible applicants exceeds the available spaces in the program, the Applicant Selection Criteria will be:
    1. Preference for Permanent Residents of Ontario
    2. Receipt of Application by February 1st (After this date, Fanshawe College will consider applicants on a first-come, first-served basis until the program is full)
    3. Achievement in the Admission Requirements
  • Courses

    Information Security Management-2018/2019

    Level 1Credits
    Take all of the following Mandatory Courses:

    Group 1
    INFO-6001Information Security4
    This course will concentrate on the essential concepts of information security CIA, confidentiality, integrity, and availability. The common vulnerabilities in computer and network systems and the methodology hackers use to exploit these systems will be examined.
    INFO-6003O/S & Applications Security4
    This course will concentrate on the vulnerabilities of Windows and LINUX operating systems. The best practices and methodologies to ensure that critical security upgrades and system patches are installed will be discussed. Vulnerabilities to web applications will be explored.
    INFO-6042Web Security3
    This course will delve into the current scripting and computer languages used by modern web clients and servers, with a focus on the programming methodologies used to prevent exploitation of web security vulnerabilities.
    INFO-6027Security Planning3
    This course will provide necessary skills to identify essential elements of a Security Management System, and the business processes that require protection. Risk assessments will identify vulnerabilities and required countermeasures to prevent and mitigate system failures. The consequences of data loss and the required safeguards are part of the process. The course will concentrate on the principals of implementing security in an organization. As part of this process Students will prepare and assess various security policies.
    INFO-6047Routing & Switching5
    This course focuses on the operation and analysis of the roles of routers and switches in an enterprise network. Topics covered include switching, STP, VLANs, routing protocols, IPv4 & IPv6, inter-VLAN routing, DHCP & NAT. The course will cover the Cisco CCNA Routing & Switching Essentials curriculum.
    ACAD-6002Graduate Success Strategies1
    This course presents and helps to develop some of the skills required to achieve academic and career success for graduate students. Areas of focus include college resources, study skills, and time management among other skills. The importance of Academic Integrity will be a main focus.


    Group 2
    Take INFO-6002 or INFO-6072
    INFO-6002Network Systems & Components3
    This course will provide the student with a detailed and comprehensive understanding of the equipment used in computer networks. It will discuss the importance of the equipment to the business process and the security implications. The course will also concentrate on the protocols such as TCP/IP and HTTP that are essential for e-commerce and the operation of the network
    INFO-6072Information Security Testing3
    This course teaches students how IT systems can be attacked and penetrated by circumventing security or exploiting vulnerabilities in the system. Students will apply a methodical approach to surveying, testing and auditing systems, as well as preparing secure system designs, identifying vulnerabilities, and defending systems against intrusion.

    Level 2Credits
    Take all of the following Mandatory Courses:

    Group 1
    INFO-6048CCNA Security5
    This course will cover several aspects of network security to manage secure access to enterprise networks and servers. Students will study the control of network access through centralized authentication, authorization and accounting protocols and Virtual Private Networks. The implementation of Intrusion Prevention Systems to monitor for malicious traffic will also be studied. Experiential activities will include hands on the configuration of Cisco Systems network security devices to provide secure access to the enterprise network. Modern malware techniques and the use of cryptography to protect data will also be explored. The course will cover the Cisco CCNA- Security curriculum and prepare students for the Cisco CCNA - Security certification.
    INFO-6009Network Monitoring & Penetration Testing3
    This course will cover the techniques for monitoring the network for unauthorized access. The concept of Ethical hacking and the tools and methods used to test the security systems currently in place is also examined.
    INFO-6010CISSP Prep3
    This course provided students with a comprehensive overview of the domains or areas of study in the CISSP (Certified Information Systems Security Professional) certification. Domains include; Security and Risk Management), Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security. Throughout the course each domain will be studied in more detail covering the topics in the CISSP examination.
    INFO-6065Ethical Hacking & Exploits4
    This course will discuss vulnerabilities and exploits and introduce the student to methods of attack that involve the weakest component of the enterprise, the end user. The student will also learn how to identify attacks against the network and defend against them.
    INFO-6011Applied Project Management3
    This course focuses on the fundamental theory and practical application of project management skills and techniques to enable the development, selection, definition, execution and closure of IT projects. Students will take a case study through the essentials of a five-phase project management process as defined by the Project Management Institute and learn about the unique challenges at each stage. Students will use task based techniques, templates and Industry standard tools, including Microsoft Project to focus on program specific cases that reinforce processes presented concurrently in the program.


    Group 2
    Take INFO-6008 or INFO-6073
    INFO-6008I.T. Auditing3
    This course will concentrate on the concepts of auditing, controls and security in an IT environment. Topics covered include general and application internal controls, security, governance, standards, guidelines and regulations. Methods and procedures to assess the risks and evaluate controls over information systems in an organization will be examined.
    INFO-6073Digital Forensics3
    This course prepares students to apply the principals of digital forensics to detect, recover, trace, analyze and interpret digital evidence. This course teaches students how files are structured, data recovery techniques, data hiding and how to conduct a digital investigation.

    Program Residency
    Students Must Complete a Minimum of 11 credits in this
    program at Fanshawe College to meet the Program Residency
    requirement and graduate from this program

  • Careers - 2018/2019

    Career Opportunities

    This program will prepare graduates to take advantage of the growing opportunities in the information security field.  Graduates will be an asset to any information technology support department or specifically as part of a security team, in virtually all sectors of business.  Subsequently, with the right experience base, graduates can expect to find opportunities as security analysts and consultants or in security management roles.  They would obtain positions such as security analysts, information security auditor, network security analyst, IT technical security specialist and threat-risk/vulnerability security specialist.
  • More Information - 2018/2019

    A Mandatory Mobile Computing (Laptop) Program
    Offered as an Online Distance Education Program and in a Face-to-Face Classroom Format
    A One-Year Ontario College Graduate Certificate Program
    Program Code: ISM1
    Campus Code: LC (LC - London)
    September/January/May Admission
    15 week terms
    Academic Calendars available at
    www.fanshawec.ca/academicdates 

    Program Code: ISM1
    Campus Code: LCL (LCL - London-Online)
    September/January/May Admission
    15 week terms
    Academic Calendars available at
    www.fanshawec.ca/academicdates

    Contact

    School of Information Technology: 519-452-4291

    Program Description

    This one-year Graduate Certificate program is designed to provide students with a holistic approach to information systems security as it applies to business.  The program will provide a broad understanding of security concepts and concentrate on industry best practices for information security.  Students will gain the knowledge required to manage both the strategic and operational aspects of information security.  The focus will be on addressing the following questions:
    • What business assets need protection?
    • What are the vulnerabilities and threats to the business and the assets?
    • What safeguards need to be implemented to protect the business?
    • Did the protection measures or safeguards work?
    The students will develop the skills to identify vulnerabilities to business and implement effective safeguards to minimize risks to acceptable levels.  They will learn detailed practical aspects of security such as risk analysis, vulnerability testing, writing security policies, implementing access controls and performing security audits.  An emphasis will be placed on interpersonal, organizational, technical, communication and problem solving skills applied to enhance the effective implementation of security in a business environment.

    Other Information

    • Classes are delivered online and face-to-face on campus.  Full-time and part-time students have the option to watch live and interactive webcasts or attend classes face-to-face on campus for most courses.  All webcasts will be recorded and archived so students can review material and learn at their own pace.  Students will require access to a computer and the Internet, preferably high-speed if attending online, and students will require a suitable laptop as per specs if attending in face-to-face classes.
    • Applicants applying to the Online version of the program should ensure they have appropriate technological capacity to complete the program, including access to a computer, required software and internet access for each course in the program. Students attending the Online version of the program will not be required to pay a CONNECT lab fee.
    • For all other students a laptop computer is to be purchased by the student attending the face-to-face classroom format (approximately $1200.00). The cost of the equipment is included in the General Expenses stated in the Fee Schedule. A CONNECT lab fee of $50.00 per academic term is included in the Additional Program Fees stated in the Fee Schedule.  This fee helps cover costs associated with the delivery of the CONNECT mobile computing program. 
    • Students should not purchase a laptop computer or software until the College publishes the recommended configuration, models, software titles and versions for that academic year.
    Learning Outcomes 

    The graduate has reliably demonstrated the ability to

    1. apply knowledge of computer operating systems, networking, and various application software to the simulation of business processes.

    2. develop best practices to protect business resources through the application of knowledge of vulnerabilities and exploits.

    3. develop security strategies for the deployment of security procedures and protective devices.

    4. Integrate information technology strategies that support business functions by employing knowledge of best practices of business processes and systems.

    5. develop security plans and strategies to include acceptable use of business information and systems by internal employees, contractors, consultants, business partners and customers.

    6. develop security plans and strategies to ensure the integrity of information in compliance with best practices, relevant policies, standards, and regulations.

    7. apply project management principles in the deployment of security policies and strategies.

    8. perform security audits to ensure compliance with security plans, policies, standards, regulations and best practices.

    9. develop and deliver a corporate training program to communicate both orally and in writing the security requirements for compliance with security policies.

    10. prepare security documentation for approval by senior management and present results of security audits.

    Program Pathways

    For information about Program Pathways visit www.fanshawec.ca/programpathways.
Share this Program