Rédigé par des étudiants ayant réussi Disponible immédiatement après paiement Lire en ligne ou en PDF Mauvais document ? Échangez-le gratuitement 4,6 TrustPilot
logo-home
Resume

Summary - Digital Risk & Security (2013TEWMHB)

Note
-
Vendu
2
Pages
141
Publié le
27-05-2025
Écrit en
2024/2025

This is a summary of the course “Digital Risk & Security” (2013TEWMHB), taught in the second semester of the academic year. This summary includes lecture notes.

Aperçu du contenu

DIGITAL RISK AND SECURITY
TABLE OF CONTENTS

Practical .......................................................................................................................................................................... 3
Chapter 1: Fundamentals on Risk & Security (Management) ............................................................................................. 5
1.1 – Introduction ......................................................................................................................................................... 5
1.2 – Definition of Terms ............................................................................................................................................... 7
Risk .......................................................................................................................................................................... 7
Risk Management ..................................................................................................................................................... 8
Information Security & Information Security Risk ....................................................................................................... 8
Cybersecurity ........................................................................................................................................................... 8
1.3 – Risk and Security are real … .................................................................................................................................. 9
1.4 – Risk and Security in their (IT) Governance Context............................................................................................... 10
IT Governance Definitions ....................................................................................................................................... 11
Chapter 2: Relevant Risk & Security Framework & Standards .......................................................................................... 13
2.1 – COSO ............................................................................................................................................................. 13
COSO ERM 2017 ..................................................................................................................................................... 13
COSO ERM: 2004 versus 2017 ................................................................................................................................ 14
COSO ERM 2017 ..................................................................................................................................................... 14
COSO Enterprise Risk Management ........................................................................................................................ 14
2.2 – ISO/IEC 31000 .................................................................................................................................................... 17
2.3 – FAIR ................................................................................................................................................................... 20
2.4 – COBIT (Refresher) .............................................................................................................................................. 23
2.5 – ISO/IEC 27001 & 27002 ...................................................................................................................................... 45
2.6 – NIST CSF 2.0 ...................................................................................................................................................... 51
2.7 – CCB CyberFun ................................................................................................................................................... 55
Chapter 3: Risk & Security Runctions in Organisations .................................................................................................... 59
3.1 The Risk Functions ................................................................................................................................................ 59
3.2 The Security Function........................................................................................................................................ 69
Chapter 4: Risk Governance & Risk Management............................................................................................................ 76
4.1 – Risk Governance ................................................................................................................................................ 76
4.2 – Risk Taxonomy ................................................................................................................................................... 78
4.3 – Risk Appetite ...................................................................................................................................................... 82
4.4 – CCB Cyber Fundamentals Revisted .................................................................................................................... 83
4.5 – The Risk Management Process ........................................................................................................................... 85
Chapter 6: Security Governance & Management ............................................................................................................. 88
6.1 – Security Governance .......................................................................................................................................... 88
6.2 – Security Management......................................................................................................................................... 91




1

,Chapter 7: Relevant regulations ..................................................................................................................................... 94
7.1 NIS2 ..................................................................................................................................................................... 94
7.2 DORA ................................................................................................................................................................... 97
Chapter 8: Practical Risk & Security Management .......................................................................................................... 99
8.1 – IT Risk Scenarios ................................................................................................................................................ 99
8.1 (extra) – Introduction & Recap Risk Taxonomy ..................................................................................................... 105
8.2 – Risk Analysis (QUALITATIVE) ............................................................................................................................. 106
8.3 – FAIR: Quick Recap ............................................................................................................................................ 108
8.4 – Risk Analysis (QUANTITATIVE) .......................................................................................................................... 113
Tools ........................................................................................................................................................................ 115
8.5 – Risk Aggregation ............................................................................................................................................... 116
8.6 – Risk Response .................................................................................................................................................. 118
8.6.1 – Risk Response Options (COBIT 5) ............................................................................................................... 119
8.6.2 – Risk Response Portfolio & Business Case ................................................................................................... 122
8.7 Risk Reporting & Communication........................................................................................................................ 125
8.7.1 Examples of Risk Information Items .............................................................................................................. 126
8.8 Key Risk Indicators ............................................................................................................................................. 128
Guest Lectures ............................................................................................................................................................ 131
Managint IT and cyber risk in practice (ING)............................................................................................................... 131
Cybercrime in practice (Catherine Van de Heyning) .................................................................................................. 135
Chapter 9: Current IT Risk & Security Topics ................................................................................................................. 138




2

,PRACTICAL

• Lecturer: Dirk Steuperaert
• Overview of the Course
o The course is structured as follows, taking into account the (high) number of students who enrolled this
year:
▪ Lectures (8), during which theory is explained, illustrated with examples.
• In Lecture Session 2 a COBIT 2019 refresher is planned for those who want to refresh
their COBIT 2019 knowledge or for whom COBIT has not been part of their curriculum
yet.
▪ Guest Lecture (1) on Law enforcement of Cybercrime and Security Governance
▪ Lecture on current topics in IT Risk & Security Management
▪ Group assignment
o A detailed agenda is included further in this presentation, and is posted on Blackboard - Please check
Blackboard regularly for any changes that might occur
• Course Grading
o 2/3 based on the individual exam – the individual exam will consist of two parts, each counting for 50% of
the exam grade:
▪ Multiple Choice written exam, testing the understanding and insight in the materials covered
during the course sessions. This exam will be open book and will not test memorization of the
course contents. The exam will consist of 50 multiple choice questions. A standard setting of
70% will apply.
• Open book, but no use of ChatGPT
▪ Oral individual exam, consisting of:
• The opportunity to explain your answers on the multiple choice exam (Optional)
• An exercise whereby you will be asked to apply the acquired knowledge to a risk
management problem (quantitative risk methodologies)
o 1/3 based on the group assignment
▪ The group assignment will be explained during the session of April 2nd and is to be handed in by
May 31st.
o Students must pass the individual exam in order to achieve a passing score for the whole course. A failing
grade for the individual exam automatically becomes the final grade for the whole course.
o The scores for the group assignment are final and also count for the second exam period.
• Course Agenda 2024-2025

Date Week Digital Risk & Security – 8u30-10u15 (B.003)
Course Introduction
Chapter 1: Fundamentals on risk management and security
• What is risk and risk management
12/02/2025 21 • What is security and security management
• Risk and Security management in IT governance context
Chapter 2: Relevant Risk & Security Framework & Standards
• FAIR
Chapter 2: Relevant Risk & Security Framework & Standards
19/02/2025 22
• COBIT 2019
Chapter 2: Relevant Risk & Security Framework & Standards
• ISO/IEC 27001 & ISO/IEC27002
26/02/2025 23
• NIST CSF2.0
• CCB CyberFun
05/03/2025 24 NO CLASS
12/03/2025 25 Chapter 3: The Risk and Security Function(s) in an organization
19/03/2025 26 Chapter 4: Risk Governance and Risk Management


3

, Chapter 5: Security Governance and Security Management
Chapter 6: Most relevant risk & security regulations
26/03/2025 27
• NIS2
• DORA
Chapter 7:Practical Risk & Security Management:
02/04/2025 28 • Risk Analysis methodologies
Briefing Group Assignment
09/04/2025 29 NO CLASS – EASTER HOLIDAYS
16/04/2025 30 NO CLASS – EASTER HOLIDAYS
Chapter 7: Practical Risk & Security Management:
• Risk and Incident Response
o Risk Mitigation
23/04/2025 31
o Risk sharing/transfer
• Risk Communication
Group Assignment Working Session
Guest Lectures:
30/04/2025 32 • Cybercrime in Belgium: a view from law enforcement
• Security governance in a financial institution
Current Topics in Risk Management and Security
07/05/2025 33
Group Assignment Working Session
14/05/2025 34 Exam Briefing (including previous years’ exam questions)
21/05/2025 35 Multiple choice exam
June Oral Exam
• Course Materials
o Slides –slides contain the main lines of the course; course notes will complement the slides, and the
reference material contains details where necessary. -
o Case Study text for the Group Assignment
o Reference Materials
▪ ISACA Publications (see also Blackboard):
• COBIT 2019 Framework
• COBIT 2019 Governance and Management Objectives
• COBIT 2019 Information Security Focus Area
• COBIT 2019 I&T Risk Focus Area
• RiskITFramework 2nd Edition
▪ Other References
• COSO ERM 2017
• FAIR
• NIST
• DORA & NIS2
• CCB CyberFun




4

Infos sur le Document

Publié le
27 mai 2025
Nombre de pages
141
Écrit en
2024/2025
Type
RESUME

Sujets

€12,48
Accéder à l'intégralité du document:

Mauvais document ? Échangez-le gratuitement Dans les 14 jours suivant votre achat et avant le téléchargement, vous pouvez choisir un autre document. Vous pouvez simplement dépenser le montant à nouveau.
Rédigé par des étudiants ayant réussi
Disponible immédiatement après paiement
Lire en ligne ou en PDF


Document également disponible en groupe

Thumbnail
Package deal
Compulsory courses master's degree in Digital Business Engineering
-
7 2025
€ 65,49 Plus d'infos

Faites connaissance avec le vendeur

Seller avatar
Les scores de réputation sont basés sur le nombre de documents qu'un vendeur a vendus contre paiement ainsi que sur les avis qu'il a reçu pour ces documents. Il y a trois niveaux: Bronze, Argent et Or. Plus la réputation est bonne, plus vous pouvez faire confiance sur la qualité du travail des vendeurs.
StudentUA8 Universiteit Antwerpen
Voir profil
S'abonner Vous devez être connecté afin de suivre les étudiants ou les cours
Vendu
406
Membre depuis
4 année
Nombre de followers
141
Documents
41
Dernière vente
3 semaines de cela

4,3

42 revues

5
25
4
8
3
6
2
2
1
1

Pourquoi les étudiants choisissent Stuvia

Créé par d'autres étudiants, vérifié par les avis

Une qualité sur laquelle compter : rédigé par des étudiants qui ont réussi et évalué par d'autres qui ont utilisé ce document.

Le document ne convient pas ? Choisis un autre document

Aucun souci ! Tu peux sélectionner directement un autre document qui correspond mieux à ce que tu cherches.

Paye comme tu veux, apprends aussitôt

Aucun abonnement, aucun engagement. Paye selon tes habitudes par carte de crédit et télécharge ton document PDF instantanément.

Student with book image

“Acheté, téléchargé et réussi. C'est aussi simple que ça.”

Alisha Student

Foire aux questions