last updated 2003 Feb 24
Jan 2003 - Apr 2003

primary text

reference text

secondary text
As Taught by Prof. Tim Richardson School of Marketing and e-Business, Faculty of Business
When you do these assignments, make sure you attribute your sources, it is best to use footnotes at the bottom of each page, and make sure you put in quotes the text which is not your's - you may attach printouts of relevant webpages, but do not attach too many.
Assignment: 1 - Privacy Issues 2003 15%
This assignment requires you to find an example in the media (online, or offline). It is suggested that you look through stories in the National Post and Globe & Mail to find a scenario where a company was compromised on a Privacy topic. Discuss what the problem was. Could it have been prevented? What follow-up might there be to make sure this situation did not happen again. What is the key thing(s) that could be learned about how this situation was handled - which you could apply to a company you work with?
Assignment: 2 - IT attacks - current threats 15%
The purpose of this asignment is to make you personally aware of several of the most current IT theats and by doing so, provide you with an awareness which may allow you to be better prepared to deter a threat, and/or respond to a breach. You are required to identify 3 specific threats, eg a current social engineering threat, a current virus and its specific threat, an email worm, a corrupted patch. Describe what the threat is. Explain what damage could be caused by ignoring the threat. Determine how the threat could be identified by your organization, and propose how you might respon
Assignment: 3 - Risk Assessment & Risk Management and Security Policies 20%
One of the reasons people do  not have appropriate security is because they do not know what their vulnerabilities are - that is they do not have an accurate assessment of what is at risk. In this assignment you are required to briefly describe a company that has an operational risk (you create what the risk might be), then consider how you might manage the risk by making SOPs (Standard Operating Procedures) to prevent the vulnerability existing. It can be helpful to piggyback on existing examples of any real-life companies you might know. If you use a real-life company as a model, make sure you clearly explain the difference between your writing, and your reference.
Assignment: 4 - Firewalls, Policy and Procedures 20%
Firewalls cannot protect you from determined attacks, but the abscence of any firewall will surely put you in a vulnerable situation, just as leaving your keys in your unlocked car in Toronto will see your vehicle stolen. This assignment requires you to investigate the publically available marketing info on several commercially available Firewalls for corporate use. Using a created scenario of a company that has particular risks, pick a firewall product and match it to the vulnverabilities in your scenario. Write a short set of procedures that you provide to fellow office workers, once the firewall is installed - to make sure they adhere to practices which make the firewall operationally effective. This is a "policy" oriented assignment not a technically oriented assignment.
Class Participation 15%
Participation is defined as regularly attending class (not just for filling a seat) and asking and answering useful questions which further  contribute to the subjects discussed in each session. To this end, it is strongly recommended, that participants do indeed read the assigned  chapters and WWW pages BEFORE class, so that questions may be asked and good discussions takes place.  Program Participants should make an effort to contribute useful information on regular occasions 

Contributions can also be made by identifying resources on the WWW that would be useful to the class. These contributions can be made in the form or emailing information to the professor, or bringing to class various articles and documents. If you do send an email, DO NOT just send the URL - you should make a summary, in your own words, as to why the article is useful and how it contributes to what we are discussing in class. Really good emails could be worth 2, 3 or possibly even 4 marks.

Class participation / contribution will be calculated on a per incident basis so students should plan on trying to have something useful to say, or contribute at least once
every second or third class. 

Do not leave class participation to the end of the course. All class participation marks will be finalized 1st week in April

TEST 15%
There will be several quizzes throughout the course (which will be in lieu of a short/medium answer test in the middle of the course), for the purpose of evaulating your understanding of the key concepts up to that point. In order to prepare for these quizzes, simply do the required readinsg commensurate with the course outline dates/topics.