IY4S730-Legislation, Risk and Governance in Cyber Security - Curriculum Information

IY4S730 - Legislation, Risk and Governance in Cyber Security 01 Jul 2022 - 30 Aug 2030 | Version 1

Associated Module Information

Module Code:	IY4S730
Module Title:	Legislation, Risk and Governance in Cyber Security
Faculty:	Faculty of Computing, Engineering and Science
Faculty Group:	Computing and Mathematics
Faculty Sub Group:	Cyber Security
Module Leader:	Nisha Rawindaran
Module Team:	Rachael Medhurst, Sharan Johnstone
First Intended Intake:	SEP 2024	Final Year of Intake:	2029
Date Closed:
Credit Value:	20	Credit Level:	7
Language:	English
Percentage of Module Taught in Welsh:	0
Equivalent Module:
HECOS codes:	100376 - computer and information security	100962 - research skills	101040 - risk management
HECOS Code Weighting:	50	25	25

Document Version Information

Version	1
Valid From	01 Jul 2022
Valid To	30 Aug 2030

Module Aims

To develop a critical understanding of UK and EU legislation and organisational responsibility in relation to Cyberspace and Information Technology.

Content Summary

Legal research and interpretation

The structure of the UK & EU Judicial system.

Surveillance and monitoring of data and people.

Privacy and Rights

Public space monitoring Workplace Monitoring and retention of data Rights to Privacy & GDPR. RIPA 2000 /Investigatory Powers Act 2016

Cyber Crimes - Investigating the crimes that are committed in Cyberspace and the impact on society:

Cyber Warfare

The responsibilities and liabilities of organisations in relation to Cyber Crime.

IT Governance and Risk

Governance Frameworks and Organisational Responsibilities.

Decision making and future use of IT.

Learning and Teaching Methods

Activity Type	Hours
Lecture	24
Independent Study	78
Directed Study (including online independent learning)	48
Formative Assessment - Scheduled	2
Interdisciplinary work	12
Problem / challenge based learning	12
Practical Classes and Workshops	24
Total Hours Selected	200

Learning Outcomes

#	Learning Outcome
LO1	Through critical research, develop higher level knowledge of the UK and EU legal system in relation to Legislation, Risk and IT Governance and be able to apply the knowledge gleaned.
LO2	Critically evaluate and demonstrate a high level of understanding of Cyberlaw legislation and regulatory responsibilities and liabilities of organisations.

Module Requisites

N/A

Assessment Criteria

Assessment Category	Assessment Type	Description	Duration	Word Count	Weight (%)	Best of?	Pass Mark
Asynchronous Assessment	Professional Discussions 1	A discussion surrounding a topic area within Legislation, Risk and Governance in Cyber Security	30	1250	100	No	40

Assessment Matrix

Assessment Type	Learning Outcomes
Assessment Type	LO1	LO2
Professional Discussions 1	✘	✔

Reading List

BS EN ISO 9000: Quality management systems. ISO. British Standards Institute

BS ISO/IEC 27001: Information technology - Security techniques. Information security management systems. ISO. British Standards Institute

BS ISO/IEC 27002: Information technology - Security techniques. Code of practice for information security management. ISO. British Standards Institute

Ebert, C et al. (2020) IT Governance. IEEE software, 2020-11, Vol.37 (6), p.13-20; Los Alamitos.

Information security knowledge sharing in organizations: Investigating the effect of behavioural information security governance and national culture

Gurinskaya, A. (2018). The Expanding Boundaries of Crime Control: Governing Security through Regulation

Reccomended Reading

Murray, J (2016) Information Technology: the law and society. Oxford University Press.

Richardson, M. (2019): Cyber crime : Law & Practice. Wildy, Simmonds & Hill Publishing