IY2S510 - Compliance and Risk Management 01 Jul 2022 - 31 Aug 2028 | Version 1
Associated Module Information
| Module Code: | IY2S510 | ||
|---|---|---|---|
| Module Title: | Compliance and Risk Management | ||
| Faculty: | Faculty of Computing, Engineering and Science | ||
| Faculty Group: | Cyber Security | ||
| Faculty Sub Group: | Cyber Security | ||
| Module Leader: | Emma Derbi | ||
| Module Team: | Joshua Richards, Rachael Medhurst, Andrew Bellamy, Sharan Johnstone, Beth Jenkins, Peter Eden, Richard Ward, Arun Kumar, Nisha Rawindaran | ||
| First Intended Intake: | SEP 2022 | Final Year of Intake: | |
| Date Closed: | |||
| Credit Value: | 20 | Credit Level: | 5 |
| Language: | English | ||
| Percentage of Module Taught in Welsh: | 0 | ||
| Equivalent Module: | |||
| HECOS codes: | 100376 - computer and information security | ||
| HECOS Code Weighting: | 100 | ||
Document Version Information
| Version | 1 |
|---|---|
| Valid From | 01 Jul 2022 |
| Valid To | 31 Aug 2028 |
Module Aims
To develop an ability to evaluate and analyse the underlying principles of strategic risk management, governance and compliance strategies in order to manage a corporate information security governance infrastructure at the strategic and tactical levels.
To provide knowledge of the tools, techniques, frameworks and legislation associated with regulatory governance and compliance.
Content Summary
Introduction to IT Governance and risk management.
Audit process & project management.
Quality assurance & Governance/Management of IT/GDPR.
IT Related Frameworks (ISO 27001, 27002, ITIL, COBIT, NIST etc.) & Organisational Structure.
System Performance Management, Identity and Access Management & Enterprise Architecture.
Change/patch/release/incident Management
Incident Analysis and Response
Learning and Teaching Methods
| Activity Type | Hours |
|---|---|
| Online Lecture | 12 |
| Practical | 24 |
| Independent Study | 91 |
| Directed Study | 60 |
| Formative Assessment - Scheduled | 1 |
| Prerecorded Lecture | 12 |
| Total Hours Selected | 200 |
Learning Outcomes
| # | Learning Outcome |
|---|---|
| LO1 | To evaluate and analyse the tools, techniques, principles and practices associated with Cyber Governance and Compliance. |
| LO2 | To evaluate corporate governance strategies to mitigate risk. |
Module Requisites
N/A
Assessment Criteria
| Assessment Category | Assessment Type | Description | Duration | Word Count | Weight (%) | Best of? | Pass Mark |
|---|---|---|---|---|---|---|---|
| Synchronous Onsite Oral Assessment | Presentation (Synchronous Onsite) 1 | A presentation on a compliance and risk topic where knowledge and presentation skills are assessed | 15 | N/A | 30 | No | 40 |
| Asynchronous Assessment | Project 1 | A project focused on the research and analysis of cyber security governance and utilised to develop governance principles for a specified set of systems | 0 | 1500 | 70 | No | 40 |
Assessment Matrix
| Assessment Type | Learning Outcomes | ||
|---|---|---|---|
| LO1 | LO2 | ||
| Presentation (Synchronous Onsite) 1 | ✔ | ✔ | |
| Project 1 | ✔ | ✔ | |