The assignments that have been designed for the semester have involved building skill and confidence in obtaining software tools and gaining some proficiency in employing them to achieve specific, demonstrable security goals. The course project for INF306 does not involve a practical implementation, but rather, is more policy oriented. It will consist of a research paper on a specific IT security related law. Your specific topic will be selected from one of the 40 (or so) entries in Table 6.1 (page 91 in the current edition Kindle version) from the textbook (you may choose one not listed, but only with explicit prior permission of the instructor). This must be submitted to Blackboard for grading by 11:59 PM on the due date (check course calendar).
The body of the paper must reflect an understanding of the material presented in this course as well as an understanding of the law being researched. The paper must include a history of the law which provides a rationale as to why it was adopted. There must be discussion of the CIA or Parkerian Hexad models elements and types of risk management strategies that the law addresses and the controls it advises or provides. As appropriate, you will also address the organizational, personnel, and technical IT related impacts of both the underlying problem(s) and the law as solution. You may discuss cases involving the law and/or similar international laws.
Your paper must consist of the following:
At least five (5) pages of written content: title pages, table of contents, diagrams, and reference pages do not count for content.
Formatted using US letter sized pages (811)
12pt Times New Roman font
One inch margins
Your paper must include a complete list of APA formatted bibliographic references and include in-text citations as appropriate. You will provide at least six intellectually rigorous referenced sources in addition to the law you will be researching. The references page does not count toward your page count.