Professional Documents
Culture Documents
ITS 6002 Course Outline
ITS 6002 Course Outline
PART 1
INTRODUCTION
In the 21st century Information and Communications Technology (ICT) enabled business enterprises,
Information Technology (IT) risks matter more than ever. IT risk is defined as the business risk
associated with the use, ownership, operation, involvement, influence and adoption of IT within an
enterprise. Absence of IT risk management provides opportunities to risk incidents, carrying a much
higher price tag than they used to. IT Risks not only have severe financial implications, but damage
corporate reputations and dampen competitive advantage. Effective management of IT risks can help
organizations to capitalize on opportunities and minimize threats. This course will train the students to
become a proactive risk manager by understanding both qualitative and quantitative approaches to
risk management. Further, students will also learn how to establish an acceptable level of risk, how to
evaluate and respond to various risks by developing a practical risk response plan. The course includes
a special focus on Cyber Security , given its growing importance.
1
COURSE LEARNING OUTCOMES (CLO)
At the end of this course, the students will be able to:
CLO1: Describe in detail the types of IT risk faced by an enterprise and its implications to the
enterprise’s present and future (PLG1).
CLO2: Identify various types of IT risks faced by an enterprise and apply concepts/techniques to
categorize and prioritize them; develop a clear way of managing the risks identified (PLG2).
COURSE CONTENT
This course will cover understanding of risk management processes required dealing with four types
of IT risks viz. Availability, Access, Accuracy and Agility.
This course also covers IT risks associated with IT outsourcing and IT enabled organizational change
This course also introduces following three core disciplines to address aforementioned risks that the
decision makers of various enterprises must master to manage IT risk effectively.
o A solid foundation of IT assets, people and supporting processes and controls
o A well designed risk governance process
o A risk aware culture
a) Information Technology and Risk Management in Enterprise Environments by Jake Kouns and
Daniel Minoli , Published by Wiley
b) IT Risk : Turning Business Threats into Competitive Advantage by George Westerman and
Richard Hunter , Published by HBS Press
c) Information Security and IT Risk Management – Manish Agarwal, Alex Campoe and Eric Pierce,
Wiley India.
d) CISA Certified Information Systems Auditor Study Guide . 4th Edition , David L.Cannon, Brian
T.O'Hara and Allen Keele
POLICY ON PLAGIARISM:
2
Plagiarism percentage score up to 5% in submission of any word based assignment is permitted.
Beyond this percentage, negative marks would be applied as penalty.
Sl Unit of
Evaluation type Weightage Time CLO
No. Evaluation
1 Quizzes Individual 10% anytime NA
Pre-work and Class work
2 Submissions/Presentation Group 20% Ongoing NA
s
3
PART 2: SESSION PLAN
Note : The Caselets listed under the column titled "Reading" will be sent /uploaded a few
days ahead of the respective sessions
Additional
Session Topic Pedagogy Reading Reading &
References*
Introduction to IT Risk Lecture Developing a Common
1 Management, Language About IT Risks b
And 4A's Framework
IT Risks in Partner
systems, IT Risks in
outsourcing, Legal
4 aspects of IT Risk Lecture
management, Business
community planning
and DRP
Lecture
Information security
8 Risk management
Student
standards
Presentations
4
Additional
Session Topic Pedagogy Reading Reading &
References*
Governing Information
Information security Lecture and
Technology Risk
9 risk management Student
Pre-read: Risk Management
methods and tools presentations
Guide for IT System: NIST
5
PLG MAPPING FOR THE COURSE
Addressed CLO
PLG# Program Level Learning Goal by Course?
No.
(Yes / No)
Application of Fundamentals
PLG1 Traits: Demonstrate application of functional / conceptual Yes CLO 1
knowledge to business situations
Integrative Thinking
Effective Communication
PLG4 Traits: Demonstrate proficiency in Oral and Written No NA
Communication
Ethical Responsibility
PLG5 Traits: Demonstrate awareness and assess impact of ethical No NA
behavior on business
PLG6 Leadership No NA
Traits: Demonstrate capability to take leadership role in a
6
business situation
**************