IY1S409 - Information Security and Governance 01 Jul 2022 - 31 Aug 2028 | Version 1

Associated Module Information

Module Code: IY1S409
Module Title: Information Security and Governance
Faculty: Faculty of Computing, Engineering and Science
Faculty Group: Cyber Security
Faculty Sub Group: Cyber Security
Module Leader: Emma Derbi
Module Team: Joshua Richards, Rachael Medhurst, Beth Jenkins, Sharan Johnstone, Andrew Bellamy, Madhu Khurana, Peter Eden, Richard Ward, Arun Kumar, Nisha Rawindaran, Mamoun Qasem
First Intended Intake: SEP 2022 Final Year of Intake:
Date Closed:
Credit Value: 20 Credit Level: 4
Language: English
Percentage of Module Taught in Welsh: 0
Equivalent Module:
HECOS codes: 100376 - computer and information security
HECOS Code Weighting: 100

Document Version Information

Version 1
Valid From 01 Jul 2022
Valid To 31 Aug 2028

Module Aims

Develop the knowledge of the underlying principles of IT Governance and Information Security.

Content Summary

  • Introduction to IT Governance and the relevance to industry.

  • Introduction to Risk management

  • legislation – GDPR etc. Introduction to Privacy for the IT professional (Privacy/Privacy Notice, Security & Data Governance/Data Life Cycle & Protection)

  • Introduction to IT related Frameworks (Cyber Essentials/plus/IASME/ISO 27001/2)

  • Developing policies/standards & guidelines/privacy policies etc.

  • Layers of an organisation/introduction to security audits.

Learning and Teaching Methods

Activity Type Hours
Lecture 12
Practical work 23
Independent Study 92
Directed Study 60
Formative Assessment - Scheduled 1
Flexi Activity 12
Total Hours Selected 200

Learning Outcomes

# Learning Outcome
LO1 Demonstrate a comprehensive understanding of the principles and practices required to effectively plan and develop IT Governance.
LO2 Demonstrate and exhibit knowledge of a comprehensive understanding the relation between Information Security and IT Governance.

Module Requisites

N/A

Assessment Criteria

Assessment Category Assessment Type Description Duration Word Count Weight (%) Best of? Pass Mark
Synchronous Online Oral Assessment Oral Assessment (Externally assessed, Online) 1 15-minute presentation on allocated project. 15 N/A 40 No 40
Asynchronous Assessment Report 1 Report 0 2000 60 No 40

Assessment Matrix

Assessment Type Learning Outcomes
LO1 LO2
Oral Assessment (Externally assessed, Online) 1
Report 1

Reading List

Essential Reading:

Calder, A. (2019) Implementing Information Security Based on ISO27001/2. Cambridgeshire: IT Governance Publishing.

Blokdyk, G. (2019). ISO 27005: A complete Guide. Brendale: 5STARCooks

Recommended Reading:

Calder, A. (2014). Cyber Essentials. Cambridgeshire: IT Governance Publishing.

Calder, A (2007). IT Governance: a pocket guide. Cambridgeshire: IT Governance Publishing.

Online Version:

https://rl.talis.com/3/southwales/lists/B2B862C3-0AF9-5DBB-C885-65CA41589D18.html?lang=en&login=1