Overview - 2019/2020
Protecting the private and personal information of industries and people is not only a vital and important career, it's also never been more in demand. If you're technically minded and are looking to add to your already impressive resume, the Information Security Management program will give your future career the boost it needs.
To fit in with your busy schedule, the program is available 100% online or in a traditional in-class format (full-time or part-time) with September, January or May admissions. Once you've chosen schedule that best suits your needs, you'll learn how to manage both the operational and strategic aspects of information security. In just eight months, you'll develop the skills to identify how a business is vulnerable, and how to best safeguard their information. You'll also learn detailed practical aspects of security such as risk analysis, vulnerability testing, writing security policies, implementing access controls, and performing security audits.
When you graduate, your career options will be as diverse as your future clients. Work as a Security Analyst, in the public or private sectors. Give your career security while helping companies keep their data safe.
Phone: 519-452-4430 x6082
Admission Requirements - 2019/2020A Two- or Three-Year College Diploma, or a Degree in a computing related field
Acceptable combination of related work experience and post-secondary education as judged by the College to be equivalent to the above
English Language Requirements
Applicants whose first language is not English will be required to demonstrate proficiency in English by one of the following methods:
- A Grade 12 College Stream or University Stream English credit from an Ontario Secondary School, or equivalent, depending on the program's Admission Requirements
- Test of English as a Foreign Language (TOEFL) test with a minimum score of 570 for the paper-based test (PBT), or 88 for the Internet-based test (iBT), with test results within the last two years
- International English Language Testing System (IELTS) Academic test with an overall score of 6.5 with no score less than 6.0 in any of the four bands, with test results within the last two years. SDS Program Requirements.
- Canadian Academic English Language (CAEL) test with an overall score of 70 with no score less than 60 in any of the four bands, with test results within the last two years
- Pearson Test of English Academic (PTE) with a minimum score of 59, with test results within the last two years
- A Cambridge English Test (FCE/CAE/CPE) with an overall score on the Cambridge English Scale of 176 with no language skill less than 169, with test results within the last two years
- An English Language Evaluation (ELE) at Fanshawe College with a minimum score of 75% in all sections of the test, with test results within the last two years
- Fanshawe College ESL4/GAP5 students: Minimum grade of 80% in ESL4/GAP5 Level 9 or 75% in ESL4/GAP5 Level 10
Recommended Academic Preparation
- Previous business or IT post-secondary education and/or training and/or work experience.
Applicant Selection CriteriaWhere the number of eligible applicants exceeds the available spaces in the program, the Applicant Selection Criteria will be:
- Preference for Permanent Residents of Ontario
- Receipt of Application by February 1st (After this date, Fanshawe College will consider applicants on a first-come, first-served basis until the program is full)
- Achievement in the Admission Requirements
Information Security Management-2019/2020
Level 1 Credits Information SecurityINFO-6001 4 This course will concentrate on the essential concepts of information security CIA, confidentiality, integrity, and availability. The common vulnerabilities in computer and network systems and the methodology hackers use to exploit these systems will be examined. O/S & Applications SecurityINFO-6003 4 This course will concentrate on the vulnerabilities of Windows and LINUX operating systems. The best practices and methodologies to ensure that critical security upgrades and system patches are installed will be discussed. Vulnerabilities to web applications will be explored. Web SecurityINFO-6076 4 This course will delve into the current scripting and computer languages used by modern web clients and servers, with a focus on the programming methodologies used to prevent exploitation of web security vulnerabilities. Security PlanningINFO-6027 3 This course will provide necessary skills to identify essential elements of a Security Management System, and the business processes that require protection. Risk assessments will identify vulnerabilities and required countermeasures to prevent and mitigate system failures. The consequences of data loss and the required safeguards are part of the process. The course will concentrate on the principals of implementing security in an organization. As part of this process Students will prepare and assess various security policies. Routing & SwitchingINFO-6047 5 This course focuses on the operation and analysis of the roles of routers and switches in an enterprise network. Topics covered include switching, STP, VLANs, routing protocols, IPv4 & IPv6, inter-VLAN routing, DHCP & NAT. The course will cover the Cisco CCNA Routing & Switching Essentials curriculum. Graduate Success StrategiesACAD-6002 1 This course presents and helps to develop some of the skills required to achieve academic and career success for graduate students. Areas of focus include college resources, study skills, and time management among other skills. The importance of Academic Integrity will be a main focus. Managing Enterprise NetworksINFO-6078 3 In this course, students will explore the principles and technologies involved with designing, maintaining and securing enterprise networks. You will learn the importance of protecting the network with technologies such as firewalls, intrusion detection, VPN and redundant network design. Level 2 Credits Security ApplicationsINFO-6079 4 This course covers secure object-oriented software development using high-level languages such as Python. Along with shell scripting techniques and implementation of shell-scripts to perform system-related tasks. As part of implementing defensive and security analysis applications, students will experience advanced cybersecurity techniques to secure centralized and distributed ecosystems. Monitoring & Incident ResponseINFO-6081 3 This course will cover techniques of the network security management cycle: data collection, threat detection, and analysis. Students will learn the skills necessary to identify and defend the network against intrusion and attack. CISSP PrepINFO-6010 3 This course provided students with a comprehensive overview of the domains or areas of study in the CISSP (Certified Information Systems Security Professional) certification. Domains include; Security and Risk Management), Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security. Throughout the course each domain will be studied in more detail covering the topics in the CISSP examination. Ethical Hacking & ExploitsINFO-6065 4 This course will discuss vulnerabilities and exploits and introduce the student to methods of attack that involve the weakest component of the enterprise, the end user. The student will also learn how to identify attacks against the network and defend against them. I.T. AuditingINFO-6008 3 This course will concentrate on the concepts of auditing, controls and security in an IT environment. Topics covered include general and application internal controls, security, governance, standards, guidelines and regulations. Methods and procedures to assess the risks and evaluate controls over information systems in an organization will be examined. Digital ForensicsINFO-6077 4 This course prepares students to apply the principals of digital forensics to detect, recover, trace, analyze and interpret digital evidence. This course teaches students how files are structured, data recovery techniques, data hiding and how to conduct a digital investigation.
Careers - 2019/2020
Career OpportunitiesThis program will prepare graduates to take advantage of the growing opportunities in the information security field. Graduates will be an asset to any information technology support department or specifically as part of a security team, in virtually all sectors of business. Subsequently, with the right experience base, graduates can expect to find opportunities as security analysts and consultants or in security management roles. They would obtain positions such as security analysts, information security auditor, network security analyst, IT technical security specialist and threat-risk/vulnerability security specialist.
More Information - 2019/2020A Mandatory Mobile Computing (Laptop) Program
Offered as an Online Distance Education Program and in a Face-to-Face Classroom Format
A One-Year Ontario College Graduate Certificate ProgramProgram Code: ISM1
Campus Code: LC (LC - London)
15 week terms
Academic Calendars available at www.fanshawec.ca/academicdates
ContactSchool of Information Technology: 519-452-4291
Program DescriptionThis one-year Graduate Certificate program is designed to provide students with a holistic approach to information systems security as it applies to business. The program will provide a broad understanding of security concepts and concentrate on industry best practices for information security. Students will gain the knowledge required to manage both the strategic and operational aspects of information security. The focus will be on addressing the following questions:
- What business assets need protection?
- What are the vulnerabilities and threats to the business and the assets?
- What safeguards need to be implemented to protect the business?
- Did the protection measures or safeguards work?
- Classes are delivered online and face-to-face on campus. Full-time and part-time students have the option to watch live and interactive webcasts or attend classes face-to-face on campus for most courses. All webcasts will be recorded and archived so students can review material and learn at their own pace. Students will require access to a computer and the Internet, preferably high-speed if attending online, and students will require a suitable laptop as per specs if attending in face-to-face classes.
- Applicants applying to the Online version of the program should ensure they have appropriate technological capacity to complete the program, including access to a computer, required software and internet access for each course in the program. Students attending the Online version of the program will not be required to pay a CONNECT lab fee.
- For all other students a laptop computer is to be purchased by the student attending the face-to-face classroom format (approximately $1200.00). The cost of the equipment is included in the General Expenses stated in the Fee Schedule. A CONNECT lab fee of $50.00 per academic term is included in the Additional Program Fees stated in the Fee Schedule. This fee helps cover costs associated with the delivery of the CONNECT mobile computing program.
- Students should not purchase a laptop computer or software until the College publishes the recommended configuration, models, software titles and versions for that academic year.
The graduate has reliably demonstrated the ability to
1. apply knowledge of computer operating systems, networking, and various application software to the simulation of business processes.
2. develop best practices to protect business resources through the application of knowledge of vulnerabilities and exploits.
3. develop security strategies for the deployment of security procedures and protective devices.
4. Integrate information technology strategies that support business functions by employing knowledge of best practices of business processes and systems.
5. develop security plans and strategies to include acceptable use of business information and systems by internal employees, contractors, consultants, business partners and customers.
6. develop security plans and strategies to ensure the integrity of information in compliance with best practices, relevant policies, standards, and regulations.
7. apply project management principles in the deployment of security policies and strategies.
8. perform security audits to ensure compliance with security plans, policies, standards, regulations and best practices.
9. develop and deliver a corporate training program to communicate both orally and in writing the security requirements for compliance with security policies.
10. prepare security documentation for approval by senior management and present results of security audits.