MIT644 IT Governance and Risk Management

Unit outline

Important Update: Our aim is to provide you with an optimal learning experience, regardless of how this unit is delivered. Teaching will be delivered in line with the most current COVID Safe health guidelines.  This may include a mix of online and face-to-face.  Please check the learning management system for announcements and updates. Thank you for your flexibility and commitment to studying with Sydney Institute of Higher Education. 
Enrolment modes: Year 2, Semester 2
Credit point(s): 12.5
EFTSL value: 0.125
Prerequisite: MIT641 Management Information Technology
Typical study commitment: Students will on average spend 10 hours per week over the teaching period undertaking the teaching, learning and assessment activities for this unit.
Scheduled learning activities: 4 timetabled hours per week, 6 personal study hours per week
Other resource requirements: Students will need access to lab computers or will need their own laptops in order to carry out lab exercises and assignments.

Unit description 

This unit aims to develop an understanding of the underlying concepts of Information Technology governance and risk management. This unit will cover the definition and implementation of processes, structures, and relational mechanism that enable both business and IT people to execute their responsibilities in support of business/IT alignment and the creation of value from IT-enabled business investments. Students will learn how an effective IT governance strategy in place will protect the intellectual property, reducing the risk of cyberattacks and infringements. Students will learn IT governance standards and frameworks for protecting information and privacy and mitigating the breach regulations.

Unit learning outcomes (ULO)   

On the successful completion of this units student will be able to:
ULO1 Conceptually map the role of Information Technology governance in corporate  design, development and execution.
ULO2 Interrogate causes and symptoms of ineffective or poor Information Technology governance to develop a governance framework.
ULO3 Develop, implement and evaluate the governance of a specified IT project and report on its success or failings.  
ULO4 Devise and validate an integrated Information Technology governance framework which demonstrates its suitability across corporate strategy.
ULO5 Adapt and utilize IT governance standards and framework for protecting information and privacy and mitigating the breach regulations.

Topics to be included in the unit

1. Introduction to IT Governance and Risk Management
2. Intellectual Capital and The Information Economy
3. Governance and Risk Management
4. Components of IT Governance
5. IT Governance Frameworks and Standards: The ITIL/COBIT/ISO27002 Joint Framework
6. The Calder-Moir Framework
7. Information Security policy and scope
8. Human Resource Security
9. Physical and environmental security
10. Communications and operations management
11. Project Governance
12. Data Governance & Revision


Assessment Description Grading and weighting
(% total mark for unit)
Indicative due week 
Assessment 1: Class Participation 10% 12
Assessment 2: Quiz 20% 5
Assessment 3: Group Report 20% 10
Assessment 4: Group Presentation 10% 11
Assessment 5: Final Exam 40% Final exam week

The assessment due weeks provided may change. Your lecturer will clarify the exact assessment requirements, including the due date, at the start of the teaching period.