UC3GRC10 IT Governance, Risk and Compliance 2

UC3GRC10 IT Governance, Risk and Compliance 2

  • Course description
    • NQF Level
      Bachelor's degree (Level 6 1. Cycle)
    • Area of Study
      Computing
    • Program of Study
      Digital Assurance and Security Management
    • ECTS
      10
    • Campus
      OnlinePLUS - Bergen, OnlinePLUS - Oslo, Online
    • Course Leader
      Piet Delport
Introduction

Language of Instruction and assessment: English
May be offered on Campus and Online.
May be offered as a separate course.

Included in the following bachelor's degrees:

  • Digital Assurance and Security Management
Course Aim(s)

This course aims to offer students an end-to-end perspective on IT Governance, Risk, and Compliance (GRC) with a focus on creating and maintaining an organizational GRC strategy, particularly emphasizing security-relevant aspects. Students acquire knowledge of the role of governance frameworks in aligning IT with organizational objectives, risk identification and classification standards and frameworks, regulatory compliance, and change management in complex IT and organizational environments. They develop skills in proposing an organizational IT security policy aligned with organizational objectives, aligning IT security policy with organizational risk capacity, appetite, and tolerance, and analyzing and evaluating IT security policy for regulatory compliance. The course promotes competence in effectively communicating applicable Governance, Risk, and Compliance needs to stakeholders and systematically approaching complex Governance, Risk, and Compliance tasks within the organizational context.

Course Learning Outcomes
Knowledge

The student has knowledge of

K1 the role of governance frameworks in aligning IT with organisational objectives.
K2 risk identification and classification standards and frameworks.
K3 regulatory compliance.
K4 change management in complex IT and organisational environments.
Skills

The student gain skills in

S1 proposing an organisational IT security policy aligned with organisational objectives.
S2 proposing IT security policy aligned with organizational risk capacity, appetite, and tolerance.
S3 analyse and evaluate IT security policy to ensure regulatory compliance.
General Competence

The student can demonstrate

G1 communicating applicable and relevant Governance, Risk and Compliance needs to stakeholders.
G2 systematically approaching complex Governance, Risk and Compliance tasks in the context of the organisation.

 

 

Course Topics
  • Application of IT GRC frameworks
  • Strategic planning, processes and techniques
  • Execution of selected processes to gain insight into process outputs
  • IT Governance response in relation to changes, opportunities and barriers
  • Continuous improvement processes and techniques
  • End-to-end view on creation, communication and maintenance of GRC strategy
Teaching Methods
  1. Teaching will be based on a hybrid-flexible approach. Instructor-led face-to-face learning is combined with online learning in a flexible course structure that gives students the option of attending sessions in the classroom, participating online, or doing both.
  2. All activities require active student participation in their own learning.
  3. Learning delivery methods and available resources will be selected to ensure constructive alignment with course content, learning outcomes and assessment criteria.
  4. Students will be taught using a mixture of guidance, self-study, and lecture material. Topics will be introduced in a series of weekly lectures. The guidance sessions will be directed practical exercises and reading in which students can explore topics with support from a teacher. This material will also require students to self-manage their time to ensure tasks are completed and the theory is fully understood. This will allow the students to fully engage with lectures and with their peers.
Resources and Equipment
  1. Learning resources are available in the LMS and include, but is not limited to:
    • literature and online reading material (essential and recommended)
    • streams, recordings and other digital resources, where applicable
    • video conferencing and communication platforms, if applicable
    • tools, software and libraries, where applicable
  2. Students must have access to an internet connection, and suitable hardware.
    • Accessing live streams and virtual laboratories requires a minimum broadband connection of 2Mbps (4Mbps recommended).
  3. Students working on their own laptop/computer are required to acquire appropriate communications software; e.g., webcam, microphone, headphones.
Prerequisite Knowledge

UC2GRC10 IT Governance, Risk and Compliance 1, or equivalent course(s).

Reading List

The reading list for this course and any additional electronic resources will be provided in the LMS.

Study Workload

250 nominal hours.
Study workload applies to both Campus and Online students.

ActivityDuration
Teacher-led activity
40
Teacher-supported work
40
Self-study
170