Subject details

  • Topics
    • Theoretical foundations and concepts of Risk, Risk Management, Risk Assessment, & Risk Mitigation
    • IS/IT/Information Security governance, management, strategy, standards, and best practices
    • Strategic Risk Management approach
    • Contingency planning including business continuity and disaster recovery planning
    • Incident management, computer security incident management
    • Laws, regulations, compliance and ethics in the context of IS/IT/Information security
    • Impact of human and organisational factors on risk management

Students who successfully complete this subject will be able to:

  1. Demonstrate critical thinking and systematically apply Risk Management concepts to address strategic organisational IS/IT/Information security issues
  2. Critically reflect on and evaluate the challenges and impact of a multitude of factors (e.g., human, organisation, nature & environment, regulations, and politics) on IS/IT/Information Security management
  3. Adopt a critical approach to IS/IT risk and security management including making recommendations based on sound theory and practice
  4. Demonstrate the ability to conduct independent scholarly research on the literature and practice relevant to Information Security, IS/IT Risk Management, and the industry best practices pertaining to IS/IT security
  5. Demonstrate the ability to communicate effectively as a professional and function as an effective leader or member of a diverse team.

  • Assignment 1 - Assignment 1 - Individual (30-40%) (0%)
  • Assignment 2 - Project - Group (30-50%) (0%)
  • Assignment 3 - Assignment 2 - Individual (20-30%) (0%)

Textbooks are subject to change within the academic year. Students are advised to purchase their books no earlier than one to two months before the start of a subject.

Entry Requirements

You must have successfully completed the following subject(s) before starting this subject:

Special requirements

No special requirements

This subject aims to provide insights into critical IS/IT & Information Security risk, as well as the corresponding security management issues facing business managers in the effective use of Information Technology in contemporary organisations. In addition, the subject intends to foster a robust understanding of, and develop the skills required to adopt and implement, an effective Risk Management strategy in line with industry best practice in IS/IT Risk Management.

Related degrees