Cyber security is often perceived as an exclusively technical discipline. However, Governance, Risk Management, and Compliance (GRC) all generally non-technical, are extremely important factors in the cyber security domain and comprise the core themes covered in this module.

In this module students will explore GRC and the many challenges regarding its successful implementation. Indicative topics include professional standards, practices, and ethics for organisations, an introduction to GRC, risk assessment methodologies, risk management objectives, roles, and responsibilities, qualitative and quantitative analysis, ISO 27001, NIST Cybersecurity Framework, OCTAVE Allegro, Risk treatment and controls, Statement of Applicability (SoA).

*Course content subject to change