|Faculty or Section :||Faculty of Business, Education, Law and Arts|
|School or Department :||School of Business|
|Student contribution band :||Band 2|
|Grading basis :||Graded|
|Version produced :||27 September 2022|
Risk Management is at the core of protecting a business or organisation against cyber threats, while enabling operational and innovative business activity. Identifying information assets to protect, understanding organisational risk tolerance and assuring the operation of an appropriate control set is at the core of an effective cyber security strategy. This course explores and provides insights, strategies and skills in designing, operating and evaluating an information assurance and risk management function.
This course explores identification of information assets, evaluation of cyber security controls and risk management across the spectrum of the cyber security functions. A variety of industry standard risk management frameworks and approaches are reviewed and analysed in order to provide a comprehensive perspective on developing a mature risk management strategy. Information assurance approaches and skills are examined to test and validate the effectiveness and appropriateness of the control environment, and communicate this to organisational and external stakeholders.