This module introduces students to concepts of Information technology governance, and the major governance policies which organisations use to manage their IT operations efficiently, safely and with a high degree of security. Frameworks such as COBIT, and ITIL are briefly explained and the elements of these frameworks relating to cybersecurity risk management. International cybersecurity standards, NIST-CSF, and HITRUST-CSF are explained. The module then examines cybersecurity risk categories, quantitative and qualitative risk assessment techniques, and management and operational risk mitigations. Finally, generic industry and public service organisations are examined: manufacturing, financial services, healthcare, government; from the point of view of cybersecurity compliance regulations.

1. Outline and describeInformation Technology governance rulesand policies which ensure effective, controlled and secure operation of an organisation’s IT infrastructure and data.

2. Utilise qualitative and quantitative methods to assess cybersecurity risks in an organisation.

3. Examine a Risk Management Framework (RMF) which implements organisation-wide cybersecurity policies, controls and mitigations to reduce the impact malicious attacks on enterprise infrastructure and data.

4. Explain international cybersecurity standardsand illustratethe context in which these are used to defend against cybersecurity threats.

5. Demonstrate an understanding of the specific regulatory and cybersecurity compliance requirements in industry specific environments: Financial Services, Healthcare, Manufacturing industry, Military and Government organisations.

This module aims to explore the management and administration of a large, multi-user database management system. This module is designed for large systems with multiple concurrent users and will focus on management tools and using SQL to control the database. The module will examine the architecture of Database systems exploring background processes, access control, data dictionary, transaction logs and parameter files. The module will also examine how to administer a database system with a focus on developing a security plan for users accounts, passwords, roles and permissions.

1. Install and configure a multi-user database.

2. Describe the memory structures, processes and transaction management of a database management system.

3. Create users and manage security privileges using Structured Query Language (SQL).

4. Create and manage database objects and storage structures using Structured Query Language (SQL).

5. Describe the databases recovery structures, processes and procedures.

This module aims to introduce learners to the fundamentals of IT project management with reference to the Project Management Book of Knowledge (PMBOK) and Project in Controlled Environments (PRINCE2) and the application of a Project Management tool. They will experience a project team environment by creating a project proposal, and associated plan.

1. Relate PRINCE2 processes to an IT Project.
2. Create, monitor and analyse a project plan using a project management software application.

3. Develop the relevant project management deliverables.

4. Describe and apply several project management tools and metrics for each project management phase.

5. Describe and apply project risk management.

6. Assess and appreciate the human side of project management.

This module explores the security issues relating to cloud data security as well as best practices, tools and approaches to ensure that the cloud infrastructure and data is protected. The module will explore cloud computing architectures and evaluate the security benefits of cloud computing. The module will investigate risk-based authentication strategies for cloud applications and explore ways to devise strategies for testing disaster recovery and business continuity processes and activities within cloud based environments.

1. Identify and explain the elements involved in the provision of data security in a cloud environment.

2. Explore security fundamentals and evaluate cloud architectures to protect data in a cloud environment.

3. Evaluate tools and protocols for identity management and access control in a cloud environment.

4. Assess and identify the challenges associated with protecting data in a cloud environment.
5. Analyse and identify security risks for cloud based Information Systems.

This module aims to introduce learners to the fundamentals of IT operations management with reference to Service Operations within the Information Technology Infrastructure Library (ITIL). The learner will have the opportunity to develop their understanding and application of the best practices within the industry while developing communication, organisation and problem management skills.

1. Use the ITIL Service Operations terminology.

2. Apply,document and present ITIL Service Operations best practices and supporting tools.

3. Evaluate and apply ITIL Service Operations tools.

4. Demonstrate professional communication, organisation and problem-management skills.

This module provides an opportunity for the learner to apply their cybersecurity theoretical, practical and administrations skills, competences and knowledge into practice, applied to a relevant real work situation. Thus allowing the leaner to develop functioning knowledge by participating and reflecting on the process of defining, planning, monitoring, managing, implementing and evaluating a real cybersecurity related practical project.

1. Demonstrate creativity and innovation in theanalysis and problem solving skills in defining a project proposal.

2. Carry out a narrative literature review of technical articles and appropriate academic literature.

3. Develop a project plan to implement the proposed methodology.

4. Implement a project from a proposal plan through to completion stage.

5. Report, present, demonstrate and communicate the end-result including reflections and conclusions effectively.