ACG 6415

1. ACG 6415 Advanced Accounting Information Systems Spring 2013

2. Course Objectives • A strong grounding in computer and network security. • Learn the factors related to the plan-protect-respond cycle of IT security. • An understanding of networking concepts. • You will learn of the importance of IT security to the accounting profession and of the various control frameworks that accountant's rely on for compliance. • This course is learning about defense so we will learn about many threats and how they exploit vulnerabilities but we will NOT be using these exploits in class.

3. Syllabus Highlights • Dr. Steven Hornik • email: shornik@ucf.edu • Course Webpage: http://acg6415.wikispaces.com/ • Office Hours: Wednesday & Thursday 5:00-6:00; and by appointment • Office: BA1 432

4. Text Book • Corporate Computer and Network Security, 3rd Edition by Randall J. Boyle and Raymond R. Panko

5. Grade Components • Exam 1 (Ch. 1 – 4, module A & Readings) 250 • Exam 2 (Ch. 5- 10 & Readings)250 • Access Control Simulation 100 • Security in the News50 • Research Paper 150 • Participation 50 • Total Points850

6. Grading Scale • A 4.00 100-93 • A- 3.75 92-90 • B+ 3.25 89-86 • B 3.00 85-83 • B- 2.75 82-80 • C+ 2.25 79-76 • C 2.00 75-73 • C- 1.75 72-70 • D+ 1.25 69-66 • D 1.00 65-63 • D- 0.75 62-60 • F 0.00 <59

7. Exams • Two Part Exams • 1st Part • Multiple choice • Matching • Time Limit ~ 60 minutes • 2nd Part • Short-answer / Essay (with Notes/Book) • Time Limit 2.5 hours • Exams can be taken in any order

8. WikiSpace • Click “Join” button • Join if you haven’t • Collaborative Web Pages • You can Add material to any page • You can Edit material already posted to a page • You can Delete material posted to a page • You can Create a new page with new material • Material • text content • Hyperlinks • WebPages, Podcasts, Video, Audio, etc. • Group Research/Project Paper • Each group will have its own Team page(s) for supporting collaborative work.

9. Wiki Pages to Update • Security in the News

10. Security In The News • Locate an article/video, etc. related to a security breach • Insert a link to the resource (article, video, etc.) • Provide a summary of what happened • Detail the breach that occurred • Provide a description of what control could have prevented/detected the breach • Quality counts • No duplicate articles allowed

11. Research/Project Paper • Groups of max of 5 • Group Assessment • ~10 page final paper • Dates: • Initial Title (1 sentence) – 01/31/2013 • Summary idea (1 page + group assessment rubric) 02/14/2013 • Draft – 5 page minimum –02/28/2013 • Final paper –04/18/2013 • Topics (only 2 groups can do the same topic) • Using OCTAVE Allegro, create an risk assessment, using the OCTAVE Allegro worksheets, for an organization you work for or have access to. Identifying between 5-7 critical information assets. Beyond the risk assessment this project requires a summary of how risk assessment fits within the IT Governance frameworks • Using the various standards/frameworks, COBIT, ISO, ITIL, etc. create a report of the similarities between them and come up with a list of common controls, i.e. create a grand unified control document. The paper should include summaries of each of the frameworks included and a compare/contrast section. • Research and prepare a report on the compliance issues related to SOX and IT Security. • In-depth analysis of a current topic related to accounting and IT-Security.

12. Access Control Simulation

13. Access Control Simulation - Tutorial

14. Access Control Simulation

15. Access Control - Office

16. Access Control Report • You have been hired to conduct an IT control review • Examine the office locations • Each office • Each Cubicle • Each room • Note controls in place • Note missing controls • Prepare report summarizing your findings • Include a table that shows: • Place Visited • Control found • Control Missing • Recommended Fix (if necessary)