Subject details

Students who successfully complete this subject will be able to:

  1. Demonstrate critical thinking and systematically apply Risk Management concepts to address strategic organisational IS/IT/Information security issues
  2. Critically reflect on and evaluate the challenges and impact of a multitude of factors (e.g., human, organisation, nature & environment, regulations, and politics) to IS/IT/Information Security management
  3. Adopt a critical approach to IS/IT risk and security management including making recommendations based on sound theory and practice
  4. Demonstrate the ability to conduct independent scholarly research on the literature and practice relevant to Information Security, IS/IT Risk Management, and the industry best practices pertaining to IS/IT security
  5. Demonstrate the ability to communicate effectively as a professional and function as an effective leader or member of a diverse team.

  • Theoretical foundations and concepts of Risk, Risk Management, Risk Assessment, & Risk Mitigation
  • IS/IT/Information Security governance, management, strategy, standards, and best practices
  • Strategic Risk Management approach
  • Contingency planning including business continuity and disaster recovery planning
  • Incident management, computer security incident management
  • Laws, regulations, compliance and ethics in the context of IS/IT/Information security
  • Impact of human factors and organisational factors on risk management

You must have successfully completed the following subject(s) before starting this subject:

SWI-INF80042-Technology Essentials for Managers, or SWI-INF60007-Introduction to Business Information Systems, or SWI-INF80007

OR enrolment in MA-PM, MA-PMADV, MA-PMPROF or MA-ITPC1. Students also need to complete an additional 3 units (37.5 credit points).

Special requirements

No special requirements

This subject aims to provide insights into critical IS/IT & Information Security risk, as well as the corresponding security management issues facing business managers in the effective use of Information Technology in contemporary organisations. In addition, the subject intends to foster a robust understanding of, and develop the skills required to adopt and implement, an effective Risk Management strategy in line with industry best practice in IS/IT Risk Management.

  • Assignment 1 - Individual (30-40%)
  • Project - Group (30-50%)
  • Assignment 2 - Individual (20-30%)

Textbook information is pending.

Related degrees

postgraduate SWI-ITP-GDI-2019

Graduate Diploma of Business Information Systems

  • Specialisation - IT Project Management
  • Specialisation - Business Analysis

postgraduate SWI-ITP-MAS-2019

Master of Business Information Systems

  • Specialisation - IT Project Management
  • Specialisation - Business Analysis