vcc.ca
CYBR 1104: IT Risk
Effective date
September 2024
Department
Cybersecurity PDD
School
Continuing Studies
Description
In this course, students will learn the basics about risks and controls with a focus on those related to Information Technology. Students will learn about the different responses to IT risks, explore different IT risk management frameworks and tools, and practice communicating IT risks and mitigations to different stakeholders at an organization.
Credits
3.0
Year of study
1st Year Post-secondary
Prerequisites
None
Corequisites
None
Course Learning Outcomes
Upon successful completion of this course, students will be able to:
- Discuss risks and controls including their importance in a business environment
- Explain the possible responses to risks, including the change in probability and impact
- Give examples of possible controls in response to common IT risks
- Describe the differences between inherent risk and residual risk
- Describe IT risk management frameworks in the context of different organizational situations
- Summarize the benefits and drawbacks of different IT risk management tools in assisting with responding to IT risks
- Analyze risk mitigation plans and communicate possible improvements using written and verbal communication methods
- Evaluate the IT risks and controls in different scenarios for different stakeholders within an organization
- Discuss how IT risks extend beyond an organization to related third parties and the related IT risk considerations and impact
Prior Learning Assessment & Recognition (PLAR)
None
Hours
Lecture, Online, Seminar, Tutorial: 45
Total Hours: 45
Total Hours: 45
Instructional Strategies
Instructional strategies include classroom lectures, group work/discussions, presentations, case studies, and writing activities.
Grading System
Letter Grade (A-F)
Passing grade
C
Evaluation Plan
|
Type |
Percentage |
Assessment activity |
|
Assignments |
20 |
Assignment(s) involving IT risk management plan |
|
Assignments |
20 |
Assignments involving one or more case studies |
|
Quizzes/Tests |
15 |
Quizzes |
|
Assignments |
15 |
Presentations |
|
Final Exam |
30 |
Final exam |
Course topics
- Introduction to risks and controls
- Responses to risks
- Inherent and residual risk
- Introduction to IT and cybersecurity Risk
- IT risk management frameworks, such as NIST, ISO, COBIT and COSO
- Risk mitigation plans and controls
- IT governance and risk management
- Third party and supply chain risk management
- Risk communication and reporting
- IT risk management tools and technologies
Notes:
- Course contents and descriptions, offerings and schedules are subject to change without notice.
- Students are required to follow all College policies including ones that govern their educational experience at VCC. Policies are available on the VCC website at:
https://www.vcc.ca/about/governance--policies/policies/. - To find out if there are existing transfer agreements for this course, visit the BC Transfer Guide at https://www.bctransferguide.ca.