OL Information Risks, Threats and Controls (M)

Postgraduate | 2026

Course page banner
area/catalogue icon
Area/Catalogue
BUSI 5090
Course ID icon
Course ID
203197
Level of study
Level of study
Postgraduate
Unit value icon
Unit value
6
Course level icon
Course level
5
Study abroad and student exchange icon
Inbound study abroad and exchange
Inbound study abroad and exchange
The fee you pay will depend on the number and type of courses you study.
No
University-wide elective icon
University-wide elective course
No
Single course enrollment
Single course enrolment
No
alt
Note:
Course data is interim and subject to change

Course overview

The course Information Risks, Threats, & Controls consider a broad perspective of organisational vulnerabilities of the digital age, including Enterprise Risk Assessment. Topics addressed include recognition, analysis, and synthesis of risks, threats, and vulnerabilities, and measures to mitigate them, including policy, control, and implementation. Risk management and assurance are critical to all aspects of all businesses and on a broad level. While this course acknowledges the need to recognise and analyse risks, threats, and vulnerabilities across and within the various disciplinary structures of an organisation, (including fiscal risk, brand and reputation, production, operations, legal, and OH&S) it does so from the perspective of the responsibility for Information and Cyber Security plans to support and ensure the risk management of other departments and disciplines. The focus, throughout, is specifically on Information & Cyber Security and Data Privacy.

Course learning outcomes

  • Effectively communicate the differences between risk, threat and vulnerabilities, how they interrelate, and the principal means of recognising them.
  • Identify and communicate to clients the different types of risks and their nature, across the various core business functions and processes.
  • Demonstrate different methods of conducting risk analyses and impact assessments.
  • Detail the core requirements of an Information Risk Assurace process for an SME and for a corporation or large business.
  • Develop an Information Security Framework for a specified business.

Prerequisite(s)

N/A

Corequisite(s)

N/A

Antirequisite(s)

N/A