Close-up view of a green eye
Enterprise Security Policy and Management
RIT is now offering five online courses

Enterprise Security is an encompassing philosophy that promotes cyber and physical security practices by people and organizations in response to physical security threats to people, property and infrastructure, combined with ubiquitous use, abuse and reliance on information systems and devices throughout society. Enterprise Security, broadly construed, relates to a full range of personal, organizational, national and international security, protection, safety and law enforcement challenges associated with natural disasters, nation-state military conflicts, terrorism and crime.

RIT now offers five online courses on this subject. RIT’s College of Liberal Arts is now in the process of qualifying these Enterprise Security courses toward an Advanced Certificate in Enterprise Security Policy and Management. Approval by the New York State Education Department of this advanced certificate is expected in 2017.

  • Security Technology Management

    SECU-700

    This course examines security threats and technologies, associated research and development processes, and relationships among technology developers, and numerous management concerns pertaining to the adoption, implementation and utilization of security enhancing technologies throughout society. In this course, students will learn about simple-to–complex physical and cyber technologies used by spies, terrorists and criminals and for countervailing purposes by professionals working in national security/intelligence analysis, law enforcement or managed security organizations. Students will also learn about technology R&D, budgeting, and procurement, technology vendor/contractor relationships, plus best practices for security technology policies, procedures and training. Subjects addressed include security of infrastructure, facilities, information systems and devices, food and water.

    Students completing this course will be able to:

    • Describe and give examples of how public agencies and private firms provide safety and security to employees and other members of society in contexts of continuously evolving social deviance, crime and hazards.
    • Explain and discuss how technologies simultaneously enable security threats to occur while also providing innovative methods for providing security to individuals, groups and organizations.
    • Recall, give examples of, describe, explain, discuss, categorize, and critique security technologies and how they are used in society.
    • Recall, give examples of, describe, explain, discuss, categorize, and critique security technologies and how they are used in society.
    • Design, describe and write technology use policies, procedures and training program and judge technology contractor support services.
    • Design and write a disaster response and recovery plan to guide security operations in instances of natural or man-made disasters.
  • Security Technology Policy, Law and Ethics

    SECU-701

    This course explores sound policies, procedures and practices for using security technology tools, methods and systems within existing legislative and regulatory frameworks. Students completing this course will understand how to assess, develop, improve upon and implement sound security practices within organizations in ways that reflect due care and diligence standards of their employment field or industry. Topics addressed include: Abusive and illegal use of security technologies, forms of social and economic harms resulting from illicit use of security-related technologies; scientific misconduct in security technology R&D; international security agreements; regulation promulgation and enforcement; reasonable expectations of privacy established in case law rulings; causes of personal and vicarious civil liability; and links between personal integrity and professional ethics.

    Students completing this course will be able to:

    • Describe and give examples of how public agencies and private firms provide safety and security to employees and other members of society in contexts of continuously evolving social deviance, crime and hazards.
    • Explain and discuss how technologies simultaneously enable security threats to occur while also providing innovative methods for providing security to individuals, groups and organizations.
    • Recall, give examples of, describe, explain, discuss, categorize, and critique security technologies and how they are used in society.
    • Identify, discuss, examine, use, combine, assess and support procurement of security technologies on behalf of organizations.
    • Design, describe and write technology use policies, procedures and training program and judge technology contractor support services.
    • Design and write a disaster response and recovery plan to guide security operations in instances of natural or man-made disasters.
  • Critical Information and Infrastructure Security

    SECU-702

    This course explores economic, political, cultural, organizational and technological factors underlying information security threats and cyber conflicts, competitions and response capabilities -- and how these issues may compromise national, organization, and personal physical and cyber security. Students will learn about differing kinds of critical information Infrastructure (CII) environments; political, economic and cultural influences for protecting CII; methods of physical and cyberattacks and protection strategies; underlying causes and fundamentals of CII attacks and damage; CII security technology systems and management processes; and CII protection, response and restoration policy and action planning.

    Students completing this course will be able to:

    • Describe and explain world-wide Internet use relative to supporting critical societal functions and the implications of this for physical and information systems security.
    • Describe and explain ways in which information systems, computers and electronic devices throughout society are used to create, transmit, analyze and store data are vulnerable to various types of attacks, damage resulting from natural disasters, acts of terrorism, crime and cyber abuse
    • Describe, explain, differentiate, point out, compare, contrast, criticize and/or justify what constitutes Critical Information Infrastructure (CII) and its security in differing national political, legal and cultural environments.
    • Outline, write, discuss, change, use, analyze, design, propose and defend critical information and infrastructure protection, response and restoration action plan employing appropriate security technology systems and management processes for an organization or enterprise.
  • Security Enhanced Environmental Design

    SECU-703

    This course will provide students with an understanding of the integration of technology into security designs. Physical barriers, locks, lighting, alarm, CCTV and biometric scanning admittance systems represent relatively low-to-high tech technologies examined in this course because they used in public and private facilities, landscaping and architecture planning. This course also addresses facilities site planning with respect to various resource and security-related needs, including: Proximal labor markets, available transportation and communications infrastructure, access to educational, recreational and cultural amenities.

    Students completing this course will be able to:

    • Explain why safety and security are integral to sound environmental and facilities design practices.
    • Describe, identify, recognize, point out and/or give examples of security-related design concepts and features.
    • Contribute to creation, illustration and/or design of safe and secure facilities and outdoor environments to be occupied by people.
    • Discuss, propose and defend recommended environmental/facility design concepts for enhancing security and safety of employees and other occupants of indoor and outdoor facilities.
    • Examine, criticize and select building and/or landscape architectural features for promoting safe and secure storage and movement of vehicular/pedestrian/assets
  • Internal Organization Security Management

    SECU-704

    This course provides an essential overview of internal security theory, fundamentals, laws, regulations and investigative practices with an emphasis on established and innovative tools, methods and systems currently available to enhance internal security functions in all types of organizations. Students will learn about loss prevention and mitigation, risk analysis, security testing and assessment, and pre/post employee background checks and other types of internal investigations along with managing inter/intra organization relationships and processes between security issues stakeholders.

    Students completing this course will be able to:

    • Describe and explain orally and in writing world security threats and loss of assets that often derive from within organizations.
    • Describe, discuss, give examples of, summarize, categorize, and assess organizational losses and inefficiencies associated with security-related policies, procedures, training, technologies, management practices and activities of employees and contractors.
    • Describe, explain discover, analyze, categorize, and summarize various kinds of insider (employee) and outsider (ex/non-employee) espionage, theft, damage infliction and betrayal.
    • Write plans for, discuss, organize and support internal investigations in ways consistent with internal security theories, applicable laws, regulations and best practices for preventing loss of life, property and cyber assets.
    • Write plans for, discuss, organize and support background investigations of job applicants, current employees and existing or potential partnering firms.