Modules

Due to Covid-19 restrictions, learning and teaching activities on campus as described in the module descriptors are currently restricted. Learning and teaching will be enabled through a mixture of scheduled online activity where you will be able to engage with your tutor and classmates in real-time and unscheduled guided activity where you will be required to complete activities and tasks at a time which best suits you. Teaching will take place on campus, wherever possible, and where this is safe to happen.

Definitive information on module delivery during 2020/21 will be provided on Module Moodle Sites. For specific enquiries please contact the module leaders directly.

Core Module Information
Module title:	Professional Practice Governance and Risk
SCQF level:	09:
SCQF credit value:	20.00
ECTS credit value:	10
Module code:	SOC09702
Module leader:	David Haynes
School	School of Computing
Subject area group:	Generic - School of Computing

Prerequisites

N/A

Description of module content:

The module supports students taking on an industry-based activity, where they apply their course knowledge to their employment activities. They will reflect on their experiences, and discuss the application of their course skills to their jobs. As part of this, some focus should be made on the issues around security governance and risk management.

To assist the students in their studies, the course utilises a taught component with particular focus on information security governance and risk management. This material addresses the issues that have arisen as a result of the pervasive nature of information technology. The material also covers the legal context: national and international, covering privacy and data protection, computer misuse, intellectual property rights, and legal liability. It discusses the standards context: ISO Standards (ISO27000 and ISO31000 in particular) and ISACA’s COBIT. It includes Professionalism, Ethical and moral considerations: corporate and individual ethics. Additionally it looks at Risk identification and modelling: threats, vulnerabilities and attacks. Finally, it considers Risk management and controls including incident handling and the relation to audit and assurance

The QAA benchmark statement for computing incorporates a wide range of activities including hardware, software, communication and, in more general terms, the application of those skills in practice. The specific range of computing-related cognitive abilities gained from this module will depend on the specifics of the project done by each student but in all cases will support “computing-related practical activities” as specified in the benchmark. In addition the student will enrich a range of “additional transferable skills” as required by their projects.

Learning Outcomes for module:

On completion of this module, students will be able to:
LO1: Appraise information security risk management theory and practice and role of risk stakeholders
LO2: Apply knowledge to system risk modelling and select appropriate approaches to risk treatment
LO3: Review and critically appraise relevant laws and relevant standards, their interrelationships and international trends in their development
LO4: Demonstrate understanding of the legal, ethical and professional obligations on computer professionals.
LO5: Critically evaluate professional and governance issues and resolving them using skills in analysis, synthesis and decision-making.

Full Details of Teaching and Assessment

2020/1, Trimester 1, PLACEMENT LEARN,
VIEW FULL DETAILS

Occurrence:	001
Primary mode of delivery:	PLACEMENT LEARN
Location of delivery:	UK PARTNER
Partner:
Member of staff responsible for delivering module:	David Haynes
Module Organiser:

Learning, Teaching and Assessment (LTA) Approach:

This module provides an opportunity for students to extend their knowledge of ICT and
information systems with information security risk management. Students will learn how
to analyse, synthesise and solve complex unstructured business related IS/IT problems.
Teaching comprises a blend of lectures and tutorials that cover all Learning Outcomes.
The lecture programme is often enhanced by input from guest speakers. Lectures will be
recorded and uploaded for delivery in a distance learning mode.
Tutorials and online forums include conventional discussion-based sessions, real-world
case study analysis and evaluation of relevant academic and research material.
Tutorials make extensive use of group work and presentations, and online quizzes and
discussion are encouraged to support study planning.
Students, while undergoing work in their place of employment, will demonstrate their
course skills by applying those to project work undertaken, and documenting those in a
portfolio. This should also reflect on the risk and governance issues discussed in this
course, and how it applied to their work.

Formative Assessment:

Feedback from regular meetings with support tutors on the construction of their portfolio
as well as their ongoing employment-based activities. In terms of the taught aspect of
the module, Formative feedback will be provided throughout the module through
feedback on the self-assessment questions and case studies, both of which will have
outline solutions available. This will enable students to self-assess their understanding
and progress. Appropriate online feedback will be available automatically and
immediately after the assessment is completed. Reflective exercises throughout the
module will require students to apply the delivered concepts and theory to their own
experiences and circumstances and these reflections will be captured in an online
portfolio that students will be able to review and print. Ten end of unit progress tests offer
further formative feedback.

Summative Assessment:

The taught aspects of the course are directly assessed using both a coursework and a
class test. The coursework is a short case study addressing risk management (LO1,2).
The class test covers legal and professional issues (LO3,4).
Construction of a portfolio of the work undertaken during their year of apprenticeship at
their employers (LO5). The report is accompanied by a reflective summary (LO5).

Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activity	Learning & Teaching Activity	NESH (Study Hours)
Other	PLACEMENT	122
Independent Learning	Guided independent study	60
Face To Face	Practical classes and workshops	18
	Total Study Hours	200
	Expected Total Study Hours for Module	200

Assessment
Type of Assessment	Weighting %	LOs covered	Week due	Length in Hours/Words
Report	50	1, 2, 3, 4	36	, WORDS= 2500
Report	50	5	40	, WORDS= 2500
Component 1 subtotal:	100
Component 2 subtotal:	0
Module subtotal:	100

Indicative References and Reading List - URL:

Contact your module leader

Module Name Search

Edinburgh Napier University

Modules

Related information