Course Description:
This course explores national security issues and leadership responsibilities involved in assuring the safety and security of the software component of the critical information infrastructure. It examines “building security in” to avoid software vulnerabilities that open mission-critical or national security systems to cyber attacks or terrorism. The course explores leveraging the acquisition process to implement safer and more secure software. Other topics include information assurance vis-à-vis software assurance; software assurance (SWA)-related law and public policy; national initiatives sponsored by DHS and DOD; risk management; acquisition issues: offshore development, software pedigree, and strategies for COTS development and integration services; education, training, and the SA body of knowledge; and assurance cases.

Recommended Attendance:
This course is appropriate for middle to senior leaders who are responsible for the management, acquisition or development of business, mission critical or national security systems. 

Prerequisites
None

Learning Outcomes
Students will be able to analyze law, public policy, and national security initiatives, and to develop an enterprise software assurance leadership plan (involving people, processes, techniques, and technologies) to improve safety and security of software.