Course Title: Information Systems Risk Management

Part A: Course Overview

Course Title: Information Systems Risk Management

Credit Points: 12.00

Terms

Course Code

Campus

Career

School

Learning Mode

Teaching Period(s)

INTE2396

City Campus

Postgraduate

145H Mathematical & Geospatial Sciences

Face-to-Face

Sem 1 2006,
Sem 2 2006,
Sem 1 2007,
Sem 1 2008,
Sem 1 2009,
Sem 1 2010,
Sem 1 2012,
Sem 1 2013,
Sem 1 2014,
Sem 1 2015,
Sem 1 2016

INTE2396

City Campus

Postgraduate

171H School of Science

Face-to-Face

Sem 1 2017,
Sem 1 2018,
Sem 1 2019,
Sem 1 2020,
Sem 1 2021,
Sem 1 2022,
Sem 1 2023

Course Coordinator: Professor Asha Rao

Course Coordinator Phone:  +61 3 9925 1843

Course Coordinator Email:  asha.rao@rmit.edu.au

Course Coordinator Location: 15.3.16

Course Coordinator Availability: By appointment, by email


Pre-requisite Courses and Assumed Knowledge and Capabilities

Required Prior Study

You should have satisfactorily completed the following courses before you commence this course.

Alternatively, you may be able to demonstrate the required skills and knowledge before you start this course.

Contact your course coordinator if you think you may be eligible for recognition of prior learning.


Course Description

This course will provide you with a strategic and in-depth knowledge of the issues involved in the evolving field of Information Systems Risk Management. It builds on the overview provided in INTE1120 Introduction to Information Security and INTE1122 Case Studies in Information Security.  

With the evolution of information systems and the increasing reliance on them for all aspects of a business, Governance, Risk Management and Compliance (GRC) are becoming increasingly important roles. This course examines risk management as well as its relationship with governance and compliance.   

You will learn how to construct the context of the organisation under consideration, as risks are very much context driven. You will then learn to find and document the risks encountered in the information systems of this organisation, and to identify the relationship between these risks and the more commonly occurring risks associated with business and/or project management. In doing this, you will closely follow the process described in the International Standard on Risk Management ISO31000.  

The theory of risk management will be accompanied by the examination of case studies – one presented by the lecturer, and the other constructed in the major simulated WIL team assignment.  

This course will prepare you for a professional career or postgraduate research in the GRC area.  

Given the importance of communication in understanding the risks faced by any business, in this course you will further develop your ability to communicate both technical and non-technical material in a range of forms (written, oral, electronic, graphic) and to tailor the style and means of communication to different audiences. In addition, you will have the opportunity to understand how to work effectively within and potentially as a leader of an interdisciplinary team.  

This course includes a simulated Work Integrated Learning (WIL) experience in which your knowledge and skills will be applied and assessed in a simulated workplace context.  


Objectives/Learning Outcomes/Capability Development

This course contributes to the following Program Learning Outcomes for MC159 Master of Cyber Security:

International Orientation and Strategic Thinking

  • Graduates will have a strategic and practical overview of the issues in information security and assurance.

Critical Analysis and Problem Solving

  • Evaluate information security risks across diverse service settings including the Internet and WWW based commerce systems, high bandwidth digital communications and funds transfer services,
  • Undertake professional careers or postgraduate research in information security or other IT related fields, acquiring the required information needed to identify real world solutions to real world information security problems.

Communication

  • Graduates will have the ability to communicate both technical and non-technical material in a range of forms (written, electronic, graphic, oral) and to tailor the style and means of communication to different audiences.

Ethical Values

  • Graduates will exhibit an ability to appreciate the ethical considerations that inform judgments and decision making in academic and professional settings.

Self-Management, Teamwork and Leadership

  • Graduates will possess the ability to work effectively within and potentially as a leader of an interdisciplinary team.


On completion of this course, you should be able to:

  1. Correlate the context of an organisation to the risks it faces in the process of conducting operations.
  2. Identify and analyse business, environmental, and information security risks arising in the Information Systems of diverse industries and organisational structures.
  3. Explore and evaluate possible solutions to risk scenarios acknowledging cost, complexity of implementation and system user impact.
  4. Correlate identified risks to continuity management issues.
  5. Utilise the principles of team dynamics and project management and the people-centred nature of Information Security.
  6. Apply ethical frameworks to all your activities including RMIT’s academic integrity policy.
  7. Communicate effective Information Systems risk management strategies to a peer audience using text, diagramatic and oral mediums.


Overview of Learning Activities

Given the socio-technical nature of cyber security and that people often form the weakest link in the security chain, this course aims to bring together technical and business knowledge. This will be done via lectorials, tutorials and a simulated WIL exercise.  

The lectorials will be face-to-face where the lecturer will place the study material (available as lecture notes and pre-lecture videos) into the context of the field, relating the more theoretical information to common day-to-day activities. Risk management needs to merge the technical and the business, and that can only happen if it is seen as a part of life, and not just as something related to computers.  

The tutorials will help to help you relate to the week’s study material via Open Source Intelligence (OSI) gathering.

A key team activity involves completion of a major simulated WIL assignment involving role playing. The team will apply risk-management principles and control measures to a company based entirely on information gathered from open sources. Teams will be formed in Week 1 and will meet every week in a formal tutorial setting. The course coordinator will provide feedback and guidance at these sessions. Teams will also be encouraged to meet informally on at least a weekly basis outside of the classroom environment to better establish good team dynamics. 

To ensure adequate progress in this major assignment, teams will maintain project management documentation and submit regular progress reports to the course coordinator. You will be assessed on a team presentation and written reports, as well as for participation during presentation of others’ work. 

All teams will be required to apply project management practices such as schedule meetings, maintain logs of meeting, allocate tasks. A write up of team dynamics and project management methods used for resolution of problems will form the project management report and will form part of the progress reports. 

All assessments will emphasise the role of ethics in the academic arena, and the application of ethical frameworks in complex settings. 

Thus, you will be actively engaged in a range of learning activities such as lectorials, tutorials, practicals, laboratories, seminars, project work, class discussion, individual and group activities. Delivery may be face to face, online or a mix of both. 

You are encouraged to be proactive and self-directed in your learning, asking questions of your lecturer and/or peers and seeking out information as required, especially from the numerous sources available through the RMIT library, and through links and material specific to this course that is available through myRMIT Studies Course


Overview of Learning Resources

The international standard ISO 31000, and the handbook HB436, will be essential reading for this course. These will be accessible via the RMIT Library. 

RMIT will provide you with resources and tools for learning in this course through myRMIT Studies Course

There are services available to support your learning through the University Library. The Library provides guides on academic referencing and subject specialist help as well as a range of study support services. For further information, please visit the Library page on the RMIT University website and the myRMIT student portal.


Overview of Assessment

Assessment Tasks

Assessment Task 1: Team-based simulated WIL project
Weighting 50% 
This assessment task supports CLOs 1-7   

Assessment Task 2:  Oral Presentation of the team project  
Weighting 10%   
This assessment task supports CLOs 5 & 7   

Assessment Task 3: Case study based in-class practical assessment 
Weighting 40% (2 ×10% interim + 20% final) 
This assessment task supports CLOs 1, 2, 3, 4, 6 & 7 

If you have a long-term medical condition and/or disability it may be possible to negotiate to vary aspects of the learning or assessment methods. You can contact the program coordinator or Equitable Learning Services if you would like to find out more.