This module is one of the eight modules required for the GCHQ Master's certification.
Various approaches are available concerning the identification, quantification, treatment and monitoring of information risk. There are substantial formal consequences in numerous regulated sectors for failure to deal appropriately with risk. There are substantial informal consequences in all sectors for failure to deal appropriately with risk.
This module develops an understanding, both of the risks that digital information and network assets are exposed to, and of how to the manage those risks to the benefit the enterprise; this includes home users, e-commerce, and all organisations using digital networks for infrastructure, both closed and open. Therefore, this module is relevant for the majority of organisations in existence today or likely to exist in the future.
The module equips students to establish and maintain a risk management framework to provide assurance that information security and assurance strategies are aligned with business objectives and consistent with legal and regulatory obligations. A strong focus will be put on cost effectiveness and value to the objectives of the business or enterprise.
Various approaches to information risk management and the governance are compared and contrasted. The module also covers business continuity and resilience. There is an emphasis on the practical nature of this process and issues that face managers in the real world.
Principal Learning Outcomes
- compare and contrast various approaches to information risk management and select the most appropriate for a given scenario.
- compare and contrast various approaches to information risk governance and select the most appropriate for a given scenario.
- develop appropriate approaches to business continuity and resilience.
Other useful information
This module is delivered in an intensive one-week block of directed tuition (nominally 40 hours). Students will be based in the WMG Cyber Security Centre, with most taught sessions taking place in our specialist cyber security and forensics laboratory / classrooms.
Formal assessment for this module typically comprises:
- a report, to be submitted after the taught module period (100%)
There are no pre-requisites for this module. Students who are choosing this module as part of a course other than MSc Cyber Security and Management are welcome to seek preparatory advice.
The MSc Cyber Security and Management course team regularly reviews the content provided here for currency and accuracy. Please do get in touch with any queries.Contact: email@example.com