Information Systems Risk and Security
Duration: 1 Teaching Period
Unit Code: INF30020
Contact Hours: Recommended 10 hours of study per week
About this unit
Students are introduced to information risk and security management in contemporary enterprise. The unit engages students with the knowledge and techniques applied by organisations to manage risks and provide for information security. This includes the implementation of appropriate information management plans, assurance processes, standards and frameworks. Students will learn about the legal, professional and ethical responsibilities of information risk and security management through real-world, case-based scenarios, and become familiar with approaches to information governance and assurance, including the automated tools and approaches that are used by organisations.
Topics may include:
- an introduction to Information Systems risk and security
- risk management, assessment and mitigation
- information security management, governance and assurance
- the role of policies and standards in IS risk and security management
- contingency planning, including incident management, business continuity and disaster recovery planning
- fraud and forensic auditing: fraud, cybercrime, forensic auditing and continuous monitoring
- compliance frameworks and legal, professional and ethical issues in IS security and risk management
- major theories, concepts and methodologies for managing information systems and assuring the integrity and security of information assets
- the socio-technological dimensions (human and organisational factors) in IS security and risk management.