USQ Logo
The current and official versions of the course specifications are available on the web at
Please consult the web for updates that may occur during the year.

CIS8712 Information Assurance and Risk Management

Semester 3, 2020 Online
Short Description: Information Assurance and Risk
Units : 1
Faculty or Section : Faculty of Business, Education, Law and Arts
School or Department : School of Management and Enterprise
Student contribution band : Band 2
ASCED code : 020399 - Information Systems not elsewh
Grading basis : Graded


Examiner: Raj Gururajan


Risk Management is at the core of protecting a business or organisation against cyber threats, while enabling operational and innovative business activity. Identifying information assets to protect, understanding organisational risk tolerance and assuring the operation of an appropriate control set is at the core of an effective cyber security strategy. This course explores and provides insights, strategies and skills in designing, operating and evaluating an information assurance and risk management function.


This course explores identification of information assets, evaluation of cyber security controls and risk management across the spectrum of the cyber security functions. A variety of industry standard risk management frameworks and approaches are reviewed and analysed in order to provide a comprehensive perspective on developing a mature risk management strategy. Information assurance approaches and skills are examined to test and validate the effectiveness and appropriateness of the control environment, and communicate this to organisational and external stakeholders.


On successful completion of this course students should be able to:

  1. apply specialised knowledge relating to risk management and information assurance as it relates to information security and cybersecurity;
  2. analyse critically, reflect on and synthesise complex issues, frameworks, problems, concepts and theories relating to the role or organisational cyber risk management and the information assurance function;
  3. examine and then apply specialist knowledge and skills in developing and implementing cyber risk management and an information assurance function;
  4. research and review sources of specialist risk management knowledge relating to cyber security, and how these can be applied towards specific organisational requirements;
  5. interpret, articulate and communicate complex issues relating to risk management and information assurance in cyber security to achieve targeted outcomes.


Description Weighting(%)
1. Risk Management frameworks 10.00
2. Implementing risk management practices 20.00
3. Cyber Security controls 20.00
4. Information Assurance Practices and Processes 20.00
5. Communicating Risk 20.00
6. Risk management for emergent threats 10.00

Text and materials required to be purchased or accessed

ALL textbooks and materials available to be purchased can be sourced from USQ's Online Bookshop (unless otherwise stated). (

Please contact us for alternative purchase options from USQ Bookshop. (

There is no prescribed textbook for this course, required materials will be packaged with lecture content and materials.

Reference materials

Reference materials are materials that, if accessed by students, may improve their knowledge and understanding of the material in the course and enrich their learning experience.

Student workload expectations

Activity Hours
Directed Study 65.00
Private Study 100.00

Assessment details

Description Marks out of Wtg (%) Due Date Objectives Assessed Notes
Online Test 20 10 04 Dec 2020 1,2
Written Assignment 100 40 15 Jan 2021 2,3,4,5
Open Exam 100 50 End S3 3,4,5,6

Important assessment information

  1. Attendance requirements:
    It is the students' responsibility to attend and participate appropriately in all activities scheduled for them, and to study all material provided to them or required to be accessed by them, to maximise their chance of meeting the objectives of the course and to be informed of course-related activities and administration.

  2. Requirements for students to complete each assessment item satisfactorily:
    To satisfactorily complete an individual assessment item a student must achieve at least 50% of the marks for that item.

  3. Penalties for late submission of required work:
    Students should refer to the Assessment Procedure (point 4.2.4)

  4. Requirements for student to be awarded a passing grade in the course:
    To be assured of receiving a passing grade a student must obtain at least 50% of the total weighted marks available for the course (i.e. the Primary Hurdle).

  5. Method used to combine assessment results to attain final grade:
    The final grades for students will be assigned on the basis of the aggregate of the weighted marks obtained for each of the summative items for the course.

  6. Examination information:
    An open examination is one in which candidates may have access to any printed or written material and a calculator during the examination.

  7. Examination period when Deferred/Supplementary examinations will be held:
    Any Deferred or Supplementary examinations for this course will be held during the next examination period.

  8. University Student Policies:
    Students should read the USQ policies: Definitions, Assessment and Student Academic Misconduct to avoid actions which might contravene University policies and practices. These policies can be found at

Assessment notes

  1. Referencing in assignments must comply with the Harvard (AGPS) referencing system. This system should be used by students to format details of the information sources they have cited in their work. The Harvard (APGS) style to be used is defined by the USQ library’s referencing guide. This guide can be found at

Evaluation and benchmarking

In meeting the University’s aims to establish quality learning and teaching for all programs, this course monitors and ensures quality assurance and improvements in at least two ways. This course:

Conforms to the USQ Policy on Evaluation of Teaching, Courses and Programs to ensure ongoing monitoring and systematic improvement and is benchmarked against the internal USQ accreditation/reaccreditation processes which include (i) stringent standards in the independent accreditation of its academic programs, (ii) close integration between business and academic planning, and (iii) regular and rigorous review.

Date printed 12 February 2021