COMP47900 Cyber Risk Assessment and Standards

Academic Year 2022/2023

This module will enable students to understand each of the key steps of a risk assessment, including how to identify risks, manage hazards and determine the likelihood of harm. Students will be able to carry out a risk assessment of their own organisation or one of their choice. The module will cover the theories, concepts, and practicers of threat modeling and enterprise risk management. It will outline the context for risk management, the various methods of risk assessment and the options for risk response and mitigation.

Show/hide contentOpenClose All

Curricular information is subject to change

Learning Outcomes:

- Understand the concepts of risk, risk response and mitigation
- Identify and protecting an organization from unacceptable losses
- Apply the NIST/ISO risk management processes
- Outlining the system security boundary
- Identify security risk components
- Estimate the impact of compromises to confidentiality, integrity and availability
- Adopt the appropriate model for categorizing system risk
- Setting the stage for successful risk management
- Documenting risk assessment and management decisions

Indicative Module Content:

- Introduction to risk, risk management, risk mitigation
- Risk and the system security boundary
- Identifying security risk components
- NIST/ISO risk management processes
- Risk impact: compromises to confidentiality, integrity and availability
- Models for categorizing system risk
- Documenting critical risk assessment and management
- Collecting on-going security metrics

Student Effort Hours: 
Student Effort Type Hours




Autonomous Student Learning




Approaches to Teaching and Learning:
The module will be delivered via online lecture and 3 in-person workshops/practicals. 
Requirements, Exclusions and Recommendations

Not applicable to this module.

Module Requisites and Incompatibles
Not applicable to this module.
Assessment Strategy  
Description Timing Open Book Exam Component Scale Must Pass Component % of Final Grade
Examination: End-of-term examination 2 hour End of Trimester Exam No Graded No


Continuous Assessment: Learning Journal Throughout the Trimester n/a Graded No


Carry forward of passed components
Resit In Terminal Exam
Summer Yes - 2 Hour
Please see Student Jargon Buster for more information about remediation types and timing. 
Feedback Strategy/Strategies

• Feedback individually to students, post-assessment

How will my Feedback be Delivered?

The lecturer will provide either written or oral feedback to the students