This course gives an introduction into information assurance, describes the vulnerabilities of IT infrastructures, as well as security threats faced by enterprises today. Based on the basic principles and strategies of information assurance, the course will also examine risk management, the development of security policies, guidelines, awareness programs, employment practice and policies, legal and ethical issues, as well as auditing IT security. It covers broad topics including contemporary issues in computer security, sources of computer security threats and appropriate reactions, encryption and decryption techniques; secure encryption systems; program security algorithms, trusted operating systems; database security issues and solutions, network and distributed system security models, administering security. In all listed topics the legal and ethical security issues with respect to information assurance is also given.