MGMT 8550 Security Management and Risk Assessment: Welcome & Course Readings

Welcome to your course guide

Please find your required library readings below. If you have problems with the links below, please contact the Library. If you have APA questions about these materials, please contact the Writing Center.

MGMT 8550 Required Course Readings


The links are for required readings found in the Walden databases ONLY. For all other readings, see your course resources.

Enter your myWalden user name and password at the prompt.

Adams, R. (2010). Prevent, protect, pursue – A paradigm for preventing fraud. Computer Fraud & Security, 7, 5–11.

Arce, I. (2003). The weakest link revisited. IEEE Security & Privacy, 1(2), 72–76.

Aytes, K., & Connolly, T. (2004). Computer security and risky computing practices: A rational choice perspective. Journal of Organizational and End User Computing, 16(3), 22–40.

Bodin, L. D., Gordon, L. A., & Loeb, M. P. (2008). Information security and risk management. Communications of the ACM, 51(4), 64–68.

Brown, W., & Nasuti, F. (2005). Sarbanes-Oxley and enterprise security: IT governance—What it takes to get the job done. Information Systems Security, 14(5), 15–28.

Cavusoglu, H., Mishra, B., & Raghunathan, S. (2005). The value of intrusion detection systems in information technology security architecture. Information Systems Research, 16(1), 28–46.

Delaney, B. L., Klein, S. R., Marion, C. S., Nguyen, D. T., & Pachman, T. S. (2005). California privacy and security legislation affects entire nation. Intellectual Property & Technology Law Journal, 17(3), 21–24.

Diffie, W. (2008). Information security: 50 years behind, 50 years ahead. Communications of the ACM, 51(1), 55–57.

Doherty, N. F., & Fulford, H. (2006). Aligning the information security policy with the strategic information systems plan. Computers & Security, 25, 55–63.

Doomun, M. R. (2008). Multi-level information system security in outsourcing domain. Business Process Management Journal, 14(6), 849–857.

Gordon, L. A., & Loeb, M. P. (2006). Economic aspects of information security: An emerging field of research. Information Systems Frontiers, 8(5), 335–337.

Halpern, D., Reville, P., & Grunewald, D. (2008). Management and legal issues regarding electronic surveillance of employees in the workplace. Journal of Business Ethics, 80(2), 175–180.

Khoo, B., Harris, P., & Hartman, S. (2010). Information security governance of enterprise information systems: An approach to legislative compliant. International Journal of Management and Information Systems, 14(3), 49–55.

Lindström, J., Samuelsson, S., & Hägerfors, A. (2010). Business continuity planning methodology. Disaster Prevention and Management, 19(2), 243–255.

McAdams, A. C. (2004). Security and risk management: A fundamental business issue. Information Management Journal, 38(4), 36–44.

Oppliger, R. (2007). IT security: In search of the Holy Grail. Communications of the ACM, 50(2), 96–98.

Rose, C. (2011). The security implications of ubiquitous social media. International Journal of Management and Information Systems, 15(1), 35–40.

Rotvold, G. (2008). How to create a security culture in your organization. Information Management Journal, 42(6), 32–38.

Saint-Germain, R. (2005). Information security management best practice based on ISO/IEC 17799. Information Management Journal, 39(4), 60–66.

Sherif, J. S., & Gilliam, D. P. (2003). Deployment of anti-virus software: A case study. Information Management & Computer Security, 11(1), 5–10.

Stohl, M., Myers, P., & Danis, M. (2008). The dark side of WEB 2.0: Criminals, terrorists, the state and cyber security. Harvard Asia Pacific Review, 9(2), 47–50.

Trim, P. R. (2005). Managing computer security issues: Preventing and limiting future threats and disasters. Disaster Prevention and Management, 14(4), 493–505.

Whitten, D. (2008). The Chief Information Security Officer: An analysis of the skills required for success. The Journal of Computer Information Systems, 48(3), 15–19.

Zhao, N., Yen, D. C., & Chang, I. (2004). Auditing in the e-commerce era. Information Management & Computer Security, 12(5), 389–400.

Other Readings

Optional or supplemental readings may or may not be available in the library. Find further information about optional readings here.

If you have questions about your required course textbooks, please contact Customer Care at