ITC596 IT Risk Management (8)
CSU Discipline Area: Computing (COMPU)
Duration: One session
Abstract:
This subject provides students with a thorough background in IT security risk management issues. A comprehensive selection of risk management techniques is covered, including quantitative, qualitative, and relational methods. Other topics include security decision-making, risk mitigation, risk transference and business continuity planning.
Subject Availability Modes and Locations
| Session 3 | |
|---|---|
| Distance | Wagga Wagga |
Continuing students should consult the SAL for current offering details: ITC596
Where differences exist between the Handbook and the SAL, the SAL should be taken as containing the correct subject offering details.
Prerequisite(s):
Enrolment restrictions:
Available only to students in:
- Master of Information Systems Security
- Master of Management (Information Technology)
- Master of Business Administration (Computing)
- Graduate Certificate in Information Systems Security
Objectives:
Upon successful completion of this subject, students should:
- be able to describe the goals of risk management;
- be able to explain the various key terms used in risk management;
- be able to compare and contrast the quantitative and qualitative risk management approaches;
- be able to discuss the difference between actual and perceived risks;
- be able to perform a quantitative risk management analysis;
- be able to describe the relational approach to risk management;
- be able to describe several well-known qualitative risk analysis methods;
- be able to describe the various approaches for mitigating security risk;
- be able to discuss the issues involved in using insurance as a means of transferring IT risk;
- be able to describe the business impact assessment process;
- be able to discuss the implications of using fear to promote security in the business environment;
- be able to list and describe the fundamental rules of security;
- be able to describe the various categories of vulnerabilities targeted by attackers;
- be able to explain the security benefits of using intrusion detection systems, firewalls, and vulnerability scanners.
Syllabus:
The subject will cover the following topics:
- Information security basics
- Fundamental security rules
- Security decision making
- Practising security
- Foundations of risk management (1)
- Foundations of risk management (2)
- Quantitative risk assessment
- Relation risk assessment
- Qualitative risk assessment
- Risk mitigation
- Risk transference
- Business continuity planning
The information contained in the 2013 CSU Handbook was accurate at the date of publication: 24 April 2013. The University reserves the right to vary the information at any time without notice.
