ITC596 IT Risk Management (8)

This subject provides students with a thorough background in IT security risk management issues. Comprehensive selections of risk management techniques for IT security are covered, including quantitative and qualitative methods. Other topics include security decision-making, risk mitigation, risk transference and business continuity planning.


Session 1 (30)
On Campus
CSU Study Centre Brisbane
Port Macquarie Campus
Session 2 (60)
On Campus
CSU Study Centre Brisbane
CSU Study Centre Melbourne
CSU Study Centre Sydney
Session 3 (90)
On Campus
CSU Study Centre Melbourne
Wagga Wagga Campus

Continuing students should consult the SAL for current offering details: ITC596. Where differences exist between the Handbook and the SAL, the SAL should be taken as containing the correct subject offering details.

Subject Information

Grading System



One session


School of Computing and Mathematics

Enrolment Restrictions

Only available to postgraduate students.

Learning Outcomes

Upon successful completion of this subject, students should:
  • be able to justify the goals and various key terms used in risk management and assess IT risk in business terms;
  • be able to apply both quantitative and qualitative risk management approaches and to compare and contrast the advantages of each approach;
  • be able to critically analyse the various approaches for mitigating security risk, including when to use insurance to transfer IT risk;
  • be able to critically evaluate IT security risks in terms of vulnerabilities targeted by hackers and the benefits of using intrusion detection systems, firewalls and vulnerability scanners to reduce risk.


This subject will cover the following topics:
  • Information security basics.
  • Fundamental security rules.
  • Security decision making.
  • Practising security.
  • Foundations of risk management.
  • Quantitative risk assessment.
  • Qualitative risk assessment.
  • Risk mitigation.
  • Risk transference.
  • Business continuity planning.

Indicative Assessment

The following table summarises the assessment tasks for the online offering of ITC596 in Session 3 2020. Please note this is a guide only. Assessment tasks are regularly updated and can also differ to suit the mode of study (online or on campus).

Item Number
Value %
Online quizzes
Risk assessment
Develop a security policy
Contingency planning
Final exam

The information contained in the CSU Handbook was accurate at the date of publication: May 2021. The University reserves the right to vary the information at any time without notice.