Information Systems Risk and Security

INF30020 12.5 Credit Points Hawthorn, Sarawak


  • One Semester or equivalent

Contact hours

  • 36 Hours

On-campus unit delivery combines face-to-face and digital learning.



Aims and objectives

In this unit students are introduced to information risk and security management in contemporary enterprise. The unit engages students with the knowledge and techniques applied by organisations to manage risks and provide for information security. This includes the implementation of appropriate information management plans, assurance processes, standards and frameworks. Students will learn about the legal, professional and ethical responsibilities of information risk and security management through real-world case based scenarios and become familiar with approaches to information governance and assurance including the automated tools and approaches that are used by organisations.
Students who successfully complete this unit will be able to: 
1. Describe the importance of information security and risks management in achieving organisational goals and objectives
2. Assess and apply information systems risk and security management standards and frameworks to real-word case based scenarios
3. Analyse major theories, concepts and methodologies for managing risks and assuring the integrity and security of information assets
4. Evaluate appropriate governance, assurance and internal control techniques for managing information risks and security
5. Communicate effectively as a professional and function as an effective leader or member of a team