BSc Information Technology Management for Business / Course details

Year of entry: 2023

Course unit details:
IT Risk, Cybersecurity and Governance

Course unit fact file
Unit code BMAN32232
Credit rating 10
Unit level Level 3
Teaching period(s) Semester 2
Available as a free choice unit? No


The increasing drive to Digital Transformation has brough about new types of risk related to the prevalence of digital at every level of organisations. The resultant security breaches have created a new awareness of risk among the public, businesses and lawmakers, as well as awareness of the need for cybersecurity risk management frameworks and education. This course unit delivers understanding of the concepts of risk, cybersecurity and governance and initial skills in applying these concepts for managing cybersecurity risks in organisational context. 


Core and only available for BSc ITMB with/without IPE.

Core for ITMB and ITMB with IE.


The course unit aims to: 

  • Enable students to understand the implication of implementing efficient strategies for undertaking and managing IT risk, cybersecurity and IT governance. 
  • Enable students to practice initial skills of managing risk strategies and applying models to support IT governance. 

Learning outcomes

  • To understand the concepts and principles of IT risk, cybersecurity and governance. 
  • To apply, critically, IT risk tools and techniques to analyse and evaluate disruptive events.
  • To develop and justify recommendations based on appropriate research.
  • To work collectively to ensure the delivery of a business-focused risk management strategy.
  • To communicate findings in writing. 


1. Digital transformation and associated security issues with new technologies 
2. Managing the risks of Digital Transformation 
3. Risk management process, architecture and structure. 
4. Risk assessment tools and techniques. 
5. Principles of IT governance and cybersecurity management 
6. IT Risks: cybersecurity principles and standards 
7. Cybersecurity risk management framework: actors, events and vulnerabilities 
8. Security by Design 

Teaching and learning methods

Lectures and example classes 
Group workshops, seminars, and case studies. 

Assessment methods

Formative: Feedback on progress with group coursework provided during group workshops.
Summative: Group coursework which will be assessed through:  a group report (60%), and an individual report (40%). 


Feedback methods

  • Informal advice and discussion during the lectures.
  • Responses to student emails and questions from course coordinator including feedback provided to a group via an online discussion forum.
  • Written and/or verbal comments on assessed/non-assessed coursework.
  • Generic feedback posted on Blackboard regarding overall performance.

Recommended reading

Fundamentals of Risk Management 5th Edition by Paul Hopkin, Kogan Page, 2018. ? Information Security Principles 3rd Edition by Andy Taylor et al. BCS, 2020.

Cyber Risk Management: Prioritize Threats, Identify Vulnerabilities and Apply Controls Kindle Edition by Christopher J Hodson, Kogan Page; 1st edition (3 Jun. 2019)

Study hours

Scheduled activity hours
Lectures 20
Practical classes & workshops 5
Independent study hours
Independent study 75

Teaching staff

Staff member Role
Erik Beulen Unit coordinator

Additional notes

Pre-requisites: Business IT Architecture (BMAN32141) and Business Analysis (BMAN24630)
Programme Restrictions: Core for ITMB and ITMB with IE
Peer Assessment: To ensure that all group members will make a significant contribution to the assignment, marks within student groups can differ based on the results of a peer assessment between group members (individual contribution sheet is attached).

For Academic Year 2023/24

Updated: March 2023

Approved by: March UG Committee

Return to course details