Journal of Information Systems Education


Students need real-world experience. Industry needs graduating students entering the workforce to be skilled in relevant subject matter, critical thinking, and communication skills. Community-based nonprofit organizations, as well as small businesses, need help in building organizational capacity. Instructors also benefit from periodic observation of organizational work in the instructor’s area of teaching. A service-learning course that is focused on capacity building is a means to reach all of these goals. This article presents a roadmap for teaching a service-learning course in information security risk assessment. Students work in teams on a term-long project conducting an on-site risk assessment, making security recommendations, and producing and presenting a final security risk report to an organization’s management. Teaching tips are offered on course planning, launch, materials, and execution.



When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.