INFS5929 Managing Information Systems / Information Technology Risk - 2020

Subject Code
Study Level
Commencing Term
Term 3
Total Units of Credit (UOC)
Delivery Mode
Info Systems & Tech Mgmt
The course outline is not available for current term. To view outlines from other years and/or terms, visit the archives .

1. Course Details

Summary of Course

​Information systems and information technology (IS/IT) underpin the operation of most facets of most organisations. IS/IT provide means by which organisations process their transactions, the mechanisms by which business stakeholders communicate, the information required to manage the performance of the business, and the capability for the business to pursue its strategic plans. The reliance on IS/IT by organisations does, however, involve a broad range of risks to both the IS/IT itself and to the organisation, and these risks need to identified and managed.

These risks relate to the correct operation of the systems themselves, the integrity and security of the data, information and intellectual property they manage, the development and implementation of new systems and the improvement of existing systems. Poor management of these IS/IT risks can create business risks that have implications for the business’s ability to continue its day to day operations, meet its obligations, it reputation and its strategic plans.

This course investigates these risks in a systematic manner and looks at the current theory, methods and best practice for their identification, assessment, analysis and mitigation.

Teaching Times and Locations

Please note that teaching times and locations are subject to change. Students are strongly advised to refer to the Class Timetable website for the most up-to-date teaching times and locations.

View course timetable

Course Policies & Support

Course Aims and Relationship to Other Courses

​This course aims to familiarise you with the key concepts, practices and issues in the management of information systems and Information Technology risk management and provide you with sufficient practical and theoretical knowledge of the area so that you will be able to meaningfully participate in, or interact with, this aspect of business management. In addition to providing these domain skills we will also be looking to enhance your communication, presentation, problem solving and critical thinking skills through class work and assignments.

This course will be of benefit to all IS/IT and business practitioners who are interested in how information systems and IT risks are managed and have career aspirations of a senior role in business/IT management or consulting. The course would also be very useful for those who envisage, or perhaps already have, launched their own business ventures.

INFS5929 is a core course in the Masters of Information Systems Management and is an elective in several postgraduate programs of UNSW Business School. INFS5929 has no prerequisites.

2. Staff Contact Details

Position Title Name Email Location Phone Consultation Times
Lecturer-in-chargeDrKenneth StevensQUAD 2082A+61 9385 4242immediately after the Weekly online workshop or by appointment

Due to social distancing requirements, 'in person' face to face consultations will not available in Term 3, 2020.

Online consultations will be held at the end of the weekly online workshop or by appointment (further information regarding consultations are available on the course website).

The best way to contact your lecturer is via email ( or during the online workshop consultation.

Please note that only your UNSW email account can be used for formal notices and correspondence regarding the course.

If you need to contact the school urgently, call 9385 5320 or email on

All students are expected to use email responsibly and respectfully.

Moodle will to be used for all course communication i.e. notices, questions regarding assignments and course content.

3. Learning and Teaching Activities

Approach to Learning and Teaching in the Course

​This course is developed and delivered within the context of the following learning and teaching philosophy.

In addition to students learning the fundamental content of the course, the content is designed to foster critical thinking and to facilitate the acquisition of life-long learning skills. The course and its delivery are designed with a view to assisting the development of problem solving skills. The role of the lecturer/tutor of a course is to facilitate learning. It is recognised that students are individuals who bring a diverse range of experiences, interests and abilities and that these aspects of the student will influence their own learning. The responsibility for learning lies with the student. The role of the lecturer is to provide the environment within which students can participate, contribute and interact while adding to their own skills and knowledge. An important element of such an environment is that students are encouraged to engage in cooperative learning in an enjoyable setting.

Within the context of this philosophy, students will be encouraged to participate, reflect on the material and to engage in meaningful debate with respect to the topics covered. It is essential that students prepare prior to workshops so that they are in a position to contribute to the class discussions. One of the interesting aspects of information and communication technology studies is that there is rarely, if ever, one irrefutable correct answer to a problem – often the only answer is ‘depends’. Students are encouraged to investigate and explore the contexts within which certain courses of action are preferable to others and to consider the situation where the best technical solution may not necessarily be the best solution given the constraints of the case at hand.

Accordingly, assessment is weighted toward informed, reasoned and well-argued personal opinion based on the contextual factors and constraints presented in the various scenarios and is consequently, not based on the acquisition of knowledge alone.

Learning Activities and Teaching Strategies

Our course consists of 9 topics to be covered over the 10 weeks of the course. Each week will cover a new topic, except Week 6.
Each week will require you to undertake a set of activities:
•    Read the required readings
•    Work through the voiced over slides
•    Answers questions in the discussion forums
•    Prepare for the weekly online workshop
•    Attend and participate in the weekly online workshop
•    Undertake your own private study
A weekly study guide will help you work through each of these activities. The study guide will be available at least 1 week before the relevant topic.
Each week will have a set of required readings. For the most part the required readings will be one or two chapters from our text (see Resources section of the course outline for details) and a short journal article. The required readings are a foundational element of the course and it is essential that your read them. Each week will also have some ‘additional readings’ which are recommended should you wish to investigate that week’s topic further.
Each week will have a set of voiced over slides available as a PowerPoint Slideshow or a streaming video.  Handouts for the slides will also be available. It is important that you work through these slides before the workshop.
Discussion forums are a key element of this course and are the place where we will outline relevant world examples of the topic at hand, describe and discuss real world applications of our frameworks and theories, discuss the more difficult aspects of our topics and contemplate future development in that areas under consideration. Each week two or three required questions will be posted on the discussion forum and it is expected that everyone will post answers, follow ups and comments during the week. The forums will be moderated by the lecturer. Your involvement in the discussion forums is important and will determine a major part of your participation mark. The study required to answer the forum questions, along with the preparation for the online workshop (as discussed below) will form the major part of your private study each week. Further details about the discussion forums will be provide in Moodle.
A ‘live’ online workshop will be held each week on Thursday evening. It is envisaged that it will be two hours long and will involve a range of activities (such as Q&A, small group activities and presentations and the like). We will use the virtual meeting tool Zoom and the agenda (in form of a PowerPoint slide set) and invite to the meeting will be set out on Moodle each week. The online workshop will be interactive, and your involvement is important and will determine a major part of your participation mark. You will need to prepare for the workshop and this preparation, along with the study required to answer the discussion forums (discussed above) will form a major component of your weekly private study.
Your own study, in form of reading the required readings, preparation of answers to discussion forum questions, preparation for the online workshops, writing of your own topic notes and summaries and reflecting on summaries and notes for the key element of this course – your own private study. It is expected that this work will take at least 8 hours per week.

5. Course Resources

The website for this course is on Moodle.

The prescribed textbook is the one we will use throughout the course. This text book is an excellent resource that covers the basics of theory and application. All students should have a copy in their possession to refer to throughout the semester. It is available in UNSW Bookshop and in eBook format.

Darril Gibson, “Managing Risk in Information Systems" Second Edition,published by Jones & Bartlett Learning (Elsevier Australia), 2015

From time to time, you will be asked to do some additional readings. In those cases, the reading materials will be made available on the course website on Moodle (

6. Course Evaluation & Development

Feedback is regularly sought from students and continual improvements are made based on this feedback. At the end of this course, you will be asked to complete the myExperience survey, which provides a key source of student evaluative feedback. Your input into this quality enhancement process is extremely valuable in assisting us to meet the needs of our students and provide an effective and enriching learning experience. The results of all surveys are carefully considered and do lead to action towards enhancing educational quality.

Feedback from previous students indicated that the real life project is an excellent learning tool; and that group work needs more attention. As a result of this feedback, we have retained our mission to find and engage exciting real life clients, and added an informal peer evaluation in the middle of the term. In making these changes and maintaining the outstanding aspects of the course we aim to maintain the quality experience offered by this course and we strive to make this one of your most memorable experiences of your undergraduate degree.

If at any time you have any concerns with your progress or any aspects of the course, please feel free to contact me to discuss your concerns.

7. Course Schedule

Note: for more information on the UNSW academic calendar and key dates including study period, exam, supplementary exam and result release, please visit:
Week Activity Topic Assessment/Other
Week 1: 14 SeptemberStudy and workshop

Risk Management Fundamentals

Readings from the textbook: Chapter 1 and Chapter 2

Other Readings: To be announced

Week 2: 21 SeptemberStudy and workshop

Maintaining Compliance and Developing a Risk Management Plan

Readings from the textbook: Chapter 3 and Chapter 4

Other Readings: To be announced

Week 3: 28 SeptemberStudy and workshop

Defining and Performing Risk Assessment


Readings from the textbook: Chapter 5 and Chapter 6

Other Readings: To be announced

Week 4: 5 OctoberStudy and workshop

Identifying What Needs to be Protected

Readings from the textbook: Chapter 7

Other Readings: To be announced

Week 5: 12 OctoberStudy and workshop

Identifying and Analysing Threats, Vulnerabilities and Exploits and Identifying and Analysing Security Controls

Readings from the textbook: Chapter 8 and Chapter 9

Other Readings: To be announced

Week 6: 19 October

None - University Flexibility Week

no reading for this week

Week 7: 26 OctoberStudy and workshop

Risk Mitigation for the Whole Organisation

Readings from the textbook: Chapter 10

Week 8: 2 NovemberStudy and workshop

From Risk Assessment to the Risk Mitigation Plan

Readings from the textbook: Chapter 11

Week 9: 9 NovemberStudy and workshop

Business Impact Analysis & Business Continuity Planning


Readings from the textbook: Chapter 12 and Chapter 13

Week 10: 16 NovemberStudy and workshop

Disaster Recovery Planning and Incidence Response Planning

Individual Assignment

Readings from the textbook: Chapter 14 and Chapter 15

8. Policies and Support

Information about UNSW Business School protocols, University policies, student responsibilities and education quality and support.

Program Learning Outcomes

The Business School places knowledge and capabilities at the core of its curriculum via seven Program Learning Outcomes (PLOs). These PLOs are systematically embedded and developed across the duration of all coursework programs in the Business School.

PLOs embody the knowledge, skills and capabilities that are taught, practised and assessed within each Business School program. They articulate what you should know and be able to do upon successful completion of your degree.

Upon graduation, you should have a high level of specialised business knowledge and capacity for responsible business thinking, underpinned by ethical professional practice. You should be able to harness, manage and communicate business information effectively and work collaboratively with others. You should be an experienced problem-solver and critical thinker, with a global perspective, cultural competence and the potential for innovative leadership.

All UNSW programs and courses are designed to assess the attainment of program and/or course level learning outcomes, as required by the UNSW Assessment Design Procedure. It is important that you become familiar with the Business School PLOs, as they constitute the framework which informs and shapes the components and assessments of the courses within your program of study.

PLO 1: Business knowledge

Students will make informed and effective selection and application of knowledge in a discipline or profession, in the contexts of local and global business.

PLO 2: Problem solving

Students will define and address business problems, and propose effective evidence-based solutions, through the application of rigorous analysis and critical thinking.

PLO 3: Business communication

Students will harness, manage and communicate business information effectively using multiple forms of communication across different channels.

PLO 4: Teamwork

Students will interact and collaborate effectively with others to achieve a common business purpose or fulfil a common business project, and reflect critically on the process and the outcomes.

PLO 5: Responsible business practice

Students will develop and be committed to responsible business thinking and approaches, which are underpinned by ethical professional practice and sustainability considerations.

PLO 6: Global and cultural competence

Students will be aware of business systems in the wider world and actively committed to recognise and respect the cultural norms, beliefs and values of others, and will apply this knowledge to interact, communicate and work effectively in diverse environments.

PLO 7: Leadership development

Students will develop the capacity to take initiative, encourage forward thinking and bring about innovation, while effectively influencing others to achieve desired results.

These PLOs relate to undergraduate and postgraduate coursework programs.  Separate PLOs for honours and postgraduate research programs are included under 'Related Documents'.

Business School course outlines provide detailed information for students on how the course learning outcomes, learning activities, and assessment/s contribute to the development of Program Learning Outcomes.



UNSW Graduate Capabilities

The Business School PLOs also incorporate UNSW graduate capabilities, a set of generic abilities and skills that all students are expected to achieve by graduation. These capabilities articulate the University’s institutional values, as well as future employer expectations.

UNSW Graduate CapabilitiesBusiness School PLOs
Scholars capable of independent and collaborative enquiry, rigorous in their analysis, critique and reflection, and able to innovate by applying their knowledge and skills to the solution of novel as well as routine problems.
  • PLO 1: Business knowledge
  • PLO 2: Problem solving
  • PLO 3: Business communication
  • PLO 4: Teamwork
  • PLO 7: Leadership development

Entrepreneurial leaders capable of initiating and embracing innovation and change, as well as engaging and enabling others to contribute to change
  • PLO 1: Business knowledge
  • PLO 2: Problem solving
  • PLO 3: Business communication
  • PLO 4: Teamwork
  • PLO 6: Global and cultural competence
  • PLO 7: Leadership development

Professionals capable of ethical, self-directed practice and independent lifelong learning
  • PLO 1: Business knowledge
  • PLO 2: Problem solving
  • PLO 3: Business communication
  • PLO 5: Responsible business practice

Global citizens who are culturally adept and capable of respecting diversity and acting in a socially just and responsible way.
  • PLO 1: Business knowledge
  • PLO 2: Problem solving
  • PLO 3: Business communication
  • PLO 4: Teamwork
  • PLO 5: Responsible business practice
  • PLO 6: Global and cultural competence

While our programs are designed to provide coverage of all PLOs and graduate capabilities, they also provide you with a great deal of choice and flexibility.  The Business School strongly advises you to choose a range of courses that assist your development against the seven PLOs and four graduate capabilities, and to keep a record of your achievements as part of your portfolio. You can use a portfolio as evidence in employment applications as well as a reference for work or further study. For support with selecting your courses contact the UNSW Business School Student Centre.

Academic Integrity and Plagiarism

Academic Integrity is honest and responsible scholarship. This form of ethical scholarship is highly valued at UNSW. Terms like Academic Integrity, misconduct, referencing, conventions, plagiarism, academic practices, citations and evidence based learning are all considered basic concepts that successful university students understand. Learning how to communicate original ideas, refer sources, work independently, and report results accurately and honestly are skills that you will be able to carry beyond your studies.

The definition of academic misconduct is broad. It covers practices such as cheating, copying and using another person’s work without appropriate acknowledgement. Incidents of academic misconduct may have serious consequences for students.


UNSW regards plagiarism as a form of academic misconduct. UNSW has very strict rules regarding plagiarism. Plagiarism at UNSW is using the words or ideas of others and passing them off as your own. All Schools in the Business School have a Student Ethics Officer who will investigate incidents of plagiarism and may result in a student’s name being placed on the Plagiarism and Student Misconduct Registers.

Below are examples of plagiarism including self-plagiarism:

Copying: Using the same or very similar words to the original text or idea without acknowledging the source or using quotation marks. This includes copying materials, ideas or concepts from a book, article, report or other written document, presentation, composition, artwork, design, drawing, circuitry, computer program or software, website, internet, other electronic resource, or another person's assignment, without appropriate acknowledgement of authorship.

Inappropriate Paraphrasing: Changing a few words and phrases while mostly retaining the original structure and/or progression of ideas of the original, and information without acknowledgement. This also applies in presentations where someone paraphrases another’s ideas or words without credit and to piecing together quotes and paraphrases into a new whole, without appropriate referencing.

Collusion: Presenting work as independent work when it has been produced in whole or part in collusion with other people. Collusion includes:

  • Students providing their work to another student before the due date, or for the purpose of them plagiarising at any time
  • Paying another person to perform an academic task and passing it off as your own
  • Stealing or acquiring another person’s academic work and copying it
  • Offering to complete another person’s work or seeking payment for completing academic work

Collusion should not be confused with academic collaboration (i.e., shared contribution towards a group task).

Inappropriate Citation: Citing sources which have not been read, without acknowledging the 'secondary' source from which knowledge of them has been obtained.

Self-Plagiarism: ‘Self-plagiarism’ occurs where an author republishes their own previously written work and presents it as new findings without referencing the earlier work, either in its entirety or partially. Self-plagiarism is also referred to as 'recycling', 'duplication', or 'multiple submissions of research findings' without disclosure. In the student context, self-plagiarism includes re-using parts of, or all of, a body of work that has already been submitted for assessment without proper citation.

To see if you understand plagiarism, do this short quiz:


The University also regards cheating as a form of academic misconduct. Cheating is knowingly submitting the work of others as their own and includes contract cheating (work produced by an external agent or third party that is submitted under the pretences of being a student’s original piece of work). Cheating is not acceptable at UNSW.

If you need to revise or clarify any terms associated with academic integrity you should explore the 'Working with Academic Integrity' self-paced lessons available at:

For UNSW policies, penalties, and information to help you avoid plagiarism see: as well as the guidelines in the online ELISE tutorials for all new UNSW students: For information on student conduct see:

For information on how to acknowledge your sources and reference correctly, see: If you are unsure what referencing style to use in this course, you should ask the lecturer in charge.

Student Responsibilities and Conduct

​Students are expected to be familiar with and adhere to university policies in relation to class attendance and general conduct and behaviour, including maintaining a safe, respectful environment; and to understand their obligations in relation to workload, assessment and keeping informed.

Information and policies on these topics can be found on the 'Managing your Program' website.


It is expected that you will spend at least ten to twelve hours per week studying for a course except for Summer Term courses which have a minimum weekly workload of twenty to twenty four hours. This time should be made up of reading, research, working on exercises and problems, online activities and attending classes. In periods where you need to complete assignments or prepare for examinations, the workload may be greater. Over-commitment has been a cause of failure for many students. You should take the required workload into account when planning how to balance study with employment and other activities.

We strongly encourage you to connect with your Moodle course websites in the first week of semester. Local and international research indicates that students who engage early and often with their course website are more likely to pass their course.

View more information on expected workload


Your regular and punctual attendance at lectures and seminars or in online learning activities is expected in this course. The Business School reserves the right to refuse final assessment to those students who attend less than 80% of scheduled classes where attendance and participation is required as part of the learning process (e.g., tutorials, flipped classroom sessions, seminars, labs, etc.).

View more information on attendance

General Conduct and Behaviour

You are expected to conduct yourself with consideration and respect for the needs of your fellow students and teaching staff. Conduct which unduly disrupts or interferes with a class, such as ringing or talking on mobile phones, is not acceptable and students may be asked to leave the class.

View more information on student conduct

Health and Safety

UNSW Policy requires each person to work safely and responsibly, in order to avoid personal injury and to protect the safety of others.

View more information on Health and Safety

Keeping Informed

You should take note of all announcements made in lectures, tutorials or on the course web site. From time to time, the University will send important announcements to your university e-mail address without providing you with a paper copy. You will be deemed to have received this information. It is also your responsibility to keep the University informed of all changes to your contact details.

Student Support and Resources

​The University and the Business School provide a wide range of support services and resources for students, including:

Business School EQS Consultation Program
The Consultation Program offers academic writing, literacy and numeracy consultations, study skills, exam preparation for Business students. Services include workshops, online resources, individual and group consultations. 
Level 1, Room 1035, Quadrangle Building.
02 9385 4508

Communication Resources
The Business School Communication and Academic Support programs provide online modules, communication workshops and additional online resources to assist you in developing your academic writing.

Business School Student Centre
The Business School Student Centre provides advice and direction on all aspects of admission, enrolment and graduation.
Level 1, Room 1028 in the Quadrangle Building
02 9385 3189

UNSW Learning & Careers Hub
The UNSW Learning & Careers Hub provides academic skills and careers support services—including workshops, individual consultations and a range of online resources—for all UNSW students. See their website for details.
Lower Ground Floor, North Wing Chancellery Building.
02 9385 2060

Student Support Advisors
Student Support Advisors work with all students to promote the development of skills needed to succeed at university, whilst also providing personal support throughout the process.
John Goodsell Building, Ground Floor.
02 9385 4734

International Student Support
The International Student Experience Unit (ISEU) is the first point of contact for international students. ISEU staff are always here to help with personalised advice and information about all aspects of university life and life in Australia.
Advisors can support you with your student visa, health and wellbeing, making friends, accommodation and academic performance.
02 9385 4734

Equitable Learning Services
Equitable Learning Services (formerly Disability Support Services) is a free and confidential service that provides practical support to ensure that your health condition doesn't adversely affect your studies. Register with the service to receive educational adjustments.
Ground Floor, John Goodsell Building.
02 9385 4734

UNSW Counselling and Psychological Services
Provides support and services if you need help with your personal life, getting your academic life back on track or just want to know how to stay safe, including free, confidential counselling.
Level 2, East Wing, Quadrangle Building.
02 9385 5418

Library services and facilities for students
The UNSW Library offers a range of collections, services and facilities both on-campus and online.
Main Library, F21.
02 9385 2650

Moodle eLearning Support
Moodle is the University’s learning management system. You should ensure that you log into Moodle regularly.
02 9385 3331

UNSW IT provides support and services for students such as password access, email services, wireless services and technical support.
UNSW Library Annexe (Ground floor).
02 9385 1333