To contribute to the research and take the Ethical Risk Questionnaires:
• Take the Manager Survey
• Take the Security/Risk Practioner Survey
• Take the Developer Survey
• Take the Legal Survey

Overview

Susan Lincke PhD CISA CRISC is Professor of Computer Science at the University of Wisconsin-Parkside.

Dr Susan Lincke received her MS and PhD in Computer Science from Illinois Institute of Technology, and her Bachelor's Degree in Systems Analysis from Miami University in Ohio. She has 17 years of industry experience in data and telecommunications, with Motorola, MCI, and GE, working in development, test, and project management. After earning her MS degree, Susan switched to a career in academia.

Susan's area of research is information and network security, green computing and cellular/wireless modeling and simulation. She is also interested in research-based and community-based learning.

In 2009-2013 Dr Lincke had a NSF CCLI grant, entitled: Information Security Audit: Case Study and Service Learning. In 2014-2015 Dr Lincke earned University of Wisconsin-Parkside's Excellence in Research and Creative Activity Award. In 2015 Dr Lincke published the text: Security Planning: An Applied Approach, with Springer. In 2018 Dr Lincke passed her CRISC exam.

Security Planning: An Applied Approach

The text: Security Planning: An Applied Approach is designed for the busy IT practitioner, who does not have time to become a security expert, but needs a security plan NOW. This guide, with template, helps readers to prioritize risks, conform to regulation, plan their defense, and secure proprietary/confidential information. The process becomes documented in the Security Workbook, provided with the text.

Security Planning is the first text with an optional semester-long case study. Students plan security for a doctor's office, which must adhere to HIPAA regulation.

Security Planning adopts the NSA's Center of Academic Excellence (CAE) revamped 2014 plan, addressing 5 mandatory and 15 Optional Knowledge Units.

The book was first printed spring, 2015.

NSF Grant: Information Security Audit: Case Study and Service Learning

While much of the focus in security is strictly focused on technology, such as encryption, malware, intrusion detection, and authentication, a side that is often ignored is the less technical side of IS security, including policy development, application development and control, fraud avoidance, and risk management. Such knowledge is useful for security analysts, auditors, and security-oriented systems analysts. The Information Systems Security course developed through this grant involve students working with authentic projects, including small for-profit or not-for-profit organizations. Students working with a small organization get to see a broad picture of how security can be implemented for a constrained problem.

To prepare students for such work, a case study was developed where students work with the Health First doctor's office, throughout the semester. The case study includes PowerPoint slides and a Security Workbook. The case study enables students to design a solution, which help them to apply security concepts to a real-world environment.

This work is interdisciplinary, bringing together faculty from computer science, accounting and management information systems, to ensure real business cases are considered, and to learn from each others expertise to expand our understanding of the problem.

The grant was awarded in between 2009-2013, from National Science Foundation's Course, Curriculum, and Laboratory Improvement (CCLI) program. Interested parties who would like to obtain copies of the material can request them from Susan Lincke using the email address provided above.