Communications of the Association for Information Systems
Due to several recent highly publicized information breaches, information security has gained a higher profile. Hence, it is reasonable to expect that information security would receive an equally significant emphasis in the education of future systems professionals. A variety of security standards that various entities (e.g., NIST, COSO, ISACA-COBIT, ISO) have put forth emphasize the importance of information security from the very beginning of the system development lifecycle (SDLC) to avoid significant redesign in later phases. To determine the emphasis on security in typical systems analysis and design (SA&D) courses, we examine (1) to what extent security is emphasized in the core SA&D courses and (2) at what phase in the SDLC do most SA&D courses begin to emphasize security. In order to address these questions, we reviewed SA&D textbooks currently on the market to identify how extensively they cover security-related issues. Given the fairly high awareness of information security in practice, we expected to see an equally high emphasis on such matters in the textbooks. However, our review suggests that this is not the case, which suggests a gap in our preparation. To address this gap, we offer a proposal for modifying a portion of the SA&D curricula.
Copyright © 2015, Association for Information Systems
Association for Information Systems
Salisbury, William David; Ferratt, Thomas W.; and Wynn, Donald E., "Assessing the Emphasis on Information Security in the Systems Analysis and Design Course" (2015). MIS/OM/DS Faculty Publications. 48.
Business Administration, Management, and Operations Commons, Databases and Information Systems Commons, Management Information Systems Commons, Management Sciences and Quantitative Methods Commons, Operations and Supply Chain Management Commons, Other Computer Sciences Commons