This course explores a comprehensive understanding of IT risk management principles and practices, methodologies, and controls. It further covers the identification, assessment, mitigation and management of IT risks in information technology environments along with the implementation of effective control measures to protect organizational assets. It focuses on the development and implementation of effective IT risk management strategies that align with organizational goals and regulatory requirements.

Students will learn to evaluate various types of IT risks like strategic, operational, and compliance risks, plus cybersecurity threats. They will also learn key frameworks and standards, such as NIST Cybersecurity Framework, COBIT, and ITIL and, ISO/IEC 27001, used to establish and maintain strong IT controls. The course will also examine the significance of business continuity planning and disaster recovery in reducing the impact of potential issues and the role of IT governance in ensuring that risk management practices are integrated into the overall management of IT resources.

Students will gain skills needed to design, implement, and manage IT controls that protect critical assets, ensure data integrity, and support the operations of an organization through real-world examples, case studies, and practical exercises to challenge the complexities of IT risk in the digital environment.