Information and Risk Management Home Page

Instructor	Dr. Srinivas Mukkamala Dr. Peter Anselmo & Dr. Andrew H. Sung
Office	Cramer 229
Email	srinivas@cs.nmt.edu, sung@cs.nmt.edu, anselmo@nmt.edu
Work	(505) 835-6036
Cellular	(505) 459-0951

Office Hours

Tuesday	4:30 pm to 5:30 pm
Thursday	4:30 pm to 5:30 pm

Class

Location	Cramer 203
Timings	Tuesday 3:00 pm to 5:30 pm
Website	http://www.cs.nmt.edu/~risk

Course Description

This course is a study of risk analysis, vulnerability assessment, treat identification, and mitigation management. This course structured as a series of lectures and discussions that provide fundamental concepts and principles of risk analysis, information system lifecycle, types of information system vulnerabilities, vulnerability analysis, treat and adversary analysis, vulnerability threat pairs, risk mitigation strategies, current technologies for vulnerability and risk assessments, common vulnerability exposure and common criteria and security testing of vulnerability assessment tools.

Please Note: Student participation is an essential part of the learning process; students will be expected to actively participate in the discussions.

Course Objective

After completion of this course, students will:

	Understand and perform risk assessments
	Perform vulnerability assessments
	Perform threat, adversarial and impact analysis
	Knowledge of vulnerabilities to information systems
	Perform likelihood analysis
	Understand vulnerability threat pairs
	Develop and design mitigation strategies
	Knowledge on common criteria and applying it to vulnerability assessment tools
	Validating the risk assessments
	Knowledge on vulnerability taxonomies and reporting vulnerabilities
	Common vulnerability exposure

Teaching Assistant(s)

Name	Vignesh Venkataramana
Office	Cramer 223
Office Hours	Thursday 2:00pm to 3:00pm and by appointment (send email)
Email	vigneshv@cs.nmt.edu
Phone	(505) 418-5800