Syllabus for CYB-422



Cybersecurity Policies, Programs, and Compliance examines the application of cybersecurity frameworks, standards, and best practices to enterprise-level policies, plans, and programs. The course also explores formulating security policies and plans, assessing regulatory and ethical aspects of cybersecurity, developing performance metrics for cybersecurity programs, and planning audits of compliance practices and processes.



After completing this course, you should be able to:

CO1        Develop an information security strategy.

CO2        Examine information security policies, policy governance, and ethical aspects.

CO3        Evaluate risk management objectives and response recommendations.

CO4        Analyze data protection requirements and implementation.

CO5        Examine security compliance management and auditing.

CO6        Prepare information security metrics and key performance indicators.


You will need the following materials to complete your coursework. Some course materials may be free, open source, or available from other providers. You can access free or open-source materials by clicking the links provided below or in the module details documents. To purchase course materials, please visit the University's textbook supplier.

Required Textbook

ISBN-13: 978-0128020425


Cybersecurity Policies, Programs, and Compliance is a three-credit, online course consisting of six modules. Module titles are listed below.


For your formal work in the course, you are required to participate in online discussion forums, complete written assignments, take module quizzes, take a proctored midterm examination, and complete a final project. See below for details.

Consult the Course Calendar for due dates.

Promoting Originality

One or more of your course activities may utilize a tool designed to promote original work and evaluate your submissions for plagiarism. More information about this tool is available in this document.

Discussion Forums

You are required to participate in six discussion forums. The discussion forums are designed to encourage you to discuss the module topics with your classmates. In order to successfully complete the discussion forums, you need to address all items included in the forum, reply to peers thoughtfully, add value to the discussion, and apply ideas, insights, or concepts from scholarly sources, assigned readings, lectures, course materials, or other relevant sources. Replies such as “Good post” or “I agree” will not count toward your grade; your post should add value to the class.

There is also an ungraded but required Introductions Forum in Module 1.


Written Assignments

You are required to complete six written assignments. The written assignments are on a variety of topics associated with the course modules. You can refer to the Evaluation Rubrics folder in Moodle for grading rubrics for each of the written assignments.


You are required to take six quizzes, one per module. All quiz questions are true/false or multiple choice, and you may use any materials that you like in taking the quizzes. There is no time limit for taking each quiz.

Most students find that quiz-taking is an excellent way to be sure they are mastering basic concepts and terminology. You will be able to take each quiz an unlimited number of times, and the gradebook will record your most recent score.

This arrangement will allow you to go back and reread portions of the text that you need to review and then take the quiz again for further practice.

Midterm Examination

The midterm exam is two hours long and covers material from Modules 1, 2, and 3. It is closed-book and contains essay questions. The exam tests students’ knowledge of topics in information security programs and strategy, security organization structure and policies, and risk management objectives and response.

For a list of key concepts that may appear on your exam, refer to the exam study guide available in the Examinations section of the course website.

In addition to the exam study guide, a practice midterm exam is available. The practice exam is ungraded, and you may take it as many times as you'd like for additional review. The practice exam contains questions that are similar to those on the graded exam and provides feedback, so it is an effective way of preparing for the exam. In the Examinations section of the course website, click on the Practice Midterm Exam link to begin.

For the midterm, you are required to use the University's Online Proctor Service (OPS). Please refer to the Examinations and Proctors section of the Online Student Handbook (see General Information area of the course website) for further information about scheduling and taking online exams and for all exam policies and procedures. You are strongly advised to schedule your exam within the first week of the semester.

Statement about Cheating

You are on your honor not to cheat during the exam. Cheating means:

If there is evidence that you have cheated or plagiarized in your exam, the exam will be declared invalid, and you will fail the course.

Final Project

You are required to complete a final project for this course. Please see the Final Project section of the course website for further details. A grading rubric for the final project can be found in the Evaluation Rubrics folder.


Your grade in the course will be determined as follows:

All activities will receive a numerical grade of 0–100. You will receive a score of 0 for any work not submitted. Your final grade in the course will be a letter grade. Letter grade equivalents for numerical grades are as follows:






























Below 60

To receive credit for the course, you must earn a letter grade of C or better (for an area of study course) or D or better (for a course not in your area of study), based on the weighted average of all assigned course work (e.g., exams, assignments, discussion postings).


First Steps to Success

To succeed in this course, take the following first steps:

Study Tips

Consider the following study tips for success:


To ensure success in all your academic endeavors and coursework at Thomas Edison State University, familiarize yourself with all administrative and academic policies including those related to academic integrity, course late submissions, course extensions, and grading policies.

For more, see:

Copyright © 2019 by Thomas Edison State University. All rights reserved.