Course Title: Information Systems Risk Management

Part A: Course Overview

Credit Points: 12.00

Course Code, Learning Mode, Teaching Period(s):

City Campus, 145H Mathematical & Geospatial Sciences: Sem 1 2006, Sem 2 2006, Sem 1 2007, Sem 1 2008, Sem 1 2009, Sem 1 2010, Sem 1 2012, Sem 1 2013, Sem 1 2014, Sem 1 2015, Sem 1 2016

City Campus, 171H School of Science: Sem 1 2017

Course Coordinator: Associate Professor Asha Rao

Course Coordinator Phone: +61 3 9925 1843

Course Coordinator Email:

Course Coordinator Location: 8.9.17

Pre-requisite Courses and Assumed Knowledge and Capabilities

INTE1120 Introduction to Information Security
INTE1122 Case Studies in Information Security

Course Description

This course will provide you with a strategic and in-depth knowledge of the issues involved in the emerging field of Information Systems Risk Management. It builds on the overview provided in INTE1120 Introduction to Information Security and INTE1122 Case Studies in Information Security. You will learn how to document the risks and threats that are encountered in modern information security applications and to identify the relationship between these risks and the more commonly occurring risks associated with business and project management. This will be achieved through the examination of a series of case studies drawn from applied information security contexts.
This course will prepare you for a professional career or postgraduate research in the risk management area. You will be able to further develop your ability to communicate both technical and non-technical material in a range of forms (written, oral, electronic, graphic) and to tailor the style and means of communication to different audiences. In addition you will have another opportunity to understand how to work effectively within and potentially as a leader of an interdisciplinary team.
This course includes a Work Integrated Learning experience in which your knowledge and skills will be applied and assessed in a simulated workplace context.

Objectives/Learning Outcomes/Capability Development

On completion of this course you should be able to:

  1. Identify and analyse information security threats and risks arising in the Information Systems of diverse industries. 
  2. Explore and evaluate possible solutions to these risk scenarios acknowledging cost, complexity of implementation and system user impact. 
  3. Correlate identified information security risks to continuity management issues. 
  4. Utilise the principles of group dynamics and the people-centred nature of Information Security.
  5. Discriminate between commenting on and copying information.
  6. Identify and articulate (both in written form and orally to a peer audience) effective Information Systems risk management strategies.

This course contributes to the following Program Learning Outcomes for MC159 Master of Applied Science (Information Security and Assurance)

International Orientation and Strategic Thinking

  • Graduates will have a strategic and practical overview of the issues in information security and assurance.

Critical Analysis and Problem Solving

  • Evaluate information security risks across diverse service settings including the Internet and WWW based commerce systems, high bandwidth digital communications and funds transfer services,
  • Undertake professional careers or postgraduate research in information security or other IT related fields, acquiring the required information needed to identify real world solutions to real world information security problems.


  • Graduates will have the ability to communicate both technical and non-technical material in a range of forms (written, electronic, graphic, oral) and to tailor the style and means of communication to different audiences.

Ethical Values

  • Graduates will exhibit an ability to appreciate the ethical considerations that inform judgments and decision making in academic and professional settings.

Self-Management, Teamwork and Leadership

  • Graduates will possess the ability to work effectively within and potentially as a leader of an interdisciplinary team.

Overview of Learning Activities

A variety of planned student learning experiences will accommodate the learning outcomes envisaged for this course. This includes seminars, group discussions, and laboratory based learning experiences.
The seminar format will be used to give an overview of the specified study area and to direct you to foundational, analytical and evidence-based readings about risk management and its place in Information Security.
In addition to prescribed reading, you will be involved in facilitated open discussions in the seminar context, enabling you and your classmates to draw on your own professional work and life experiences, promoting interaction between those students with work experience and new graduates. A key group activity (in groups of 4 or more) involves completion of a major assignment involving role playing. The group will apply risk-management principles and control measures to a hypothetical system. Groups will be formed in Week 1 and will meet every fortnight in a formal tutorial setting. The course leader will provide feedback and guidance at these sessions. Groups will also be encouraged to meet informally on a weekly basis outside of the classroom environment to better establish group dynamics.

To ensure adequate progress in this major assignment, groups will submit progress reports to the course leader who will provide appropriate feedback. You will be assessed on a group presentation and report, as well as participation during presentation of others’ work.
All teams will be required to schedule meetings, maintain logs of meetings, allocate work among themselves and finally arrive at a consensual percentage allocation of the final report. In-semester assessments will emphasize the role of ethics in the academic arena.

Face-to-face contact: 60 to 90 mins of seminar/discussion sessions per week, based on the online lecture material uploaded to Blackboard in the days prior to the session. This will be followed by 60 to 90 mins of tutorial sessions.
In addition, you can expect to spend between 6 and 8 hours per week on independent study and research of the material assigned for the week.


Overview of Learning Resources

You will be expected to expand on the subject matter provided as lecture notes. This will take the form of accessing various external and internal resources, such as the library and the Internet. Appropriate references, to be accessed from the library or elsewhere, will be used in this course.

The Internet will be the most important source for academic, technical and white papers and you will be required to use this as a learning resource on a regular basis. In addition your classmates and tutor/lecturer are also important learning resources as will be demonstrated in facilitated discussions.

Blackboard: This course is supported online using Blackboard, which gives access to important announcements, a discussion forum, staff contact details, the teaching schedule and assessment timelines. You are advised to read your student EMS e-mail daily for important announcements. You should also visit the course Blackboard site at least once a day, where you will find important announcements regarding the course and all key documents.

Overview of Assessment

Assessable components of this course include demonstrable participation in formal tutorial activities, contribution to the formal written report and participation in the oral presentation to your peers; and a final examination. The final examination will test your comprehension of the course material and your ability to apply this understanding to real world problems.

Note that:
☒ This course has no hurdle requirements.

Assessment Tasks:

Continuous Assessment Task: Weekly Pop Quiz based on the material assigned for the week’s discussion session.
Weighting 5%
This assessment task supports CLOs 1,2,3

Assessment Task 2: Interim reports
Weighting 15%
This assessment task supports CLOs 1-6

Assessment Task 3: Final Report
Weighting 22.5%
This assessment task supports CLOs 1-6

Assessment 4: Oral Presentation of the group assignment
Weighting 5%
This assessment supports CLOs 1,2,3,4,6

Assessment 5: Peer Review
Weighting 2.5%
This assessment supports CLO 3

Assessment 6: Final Exam
Weighting 50%
This assessment supports CLOs 1,2,3,5