Graduate Certificate in Cyber Security Governance and Risk Management

This course is critical to understanding the complexity and nuances of cyber security as a technical discipline, and adequately interact with technical cyber security teams. This foundational course in Cyber Security will enable you to apply key concepts to cyber defence, identity and access management, network, communications and infrastructure security.

This course explores key concepts, principles and practices of cyber security. It will introduce you to security, concepts, and key security principles. You will develop insights into the types, anatomy and stages of cyber attacks with an overview of security tools and cyber defences. You will also be introduced to approaches to identity and access management (IdAM), network security concepts, applications and infrastructure security. Finally, you will engage with emerging cyber security issues.

Learning outcomes

• Analyse organisational drivers and business objectives to identify, prioritise and plan cyber security needs.
• Analyse key cyber security principles using cyber security tools, controls, and cyber defences.
• Critically evaluate security controls around identity and access management, network and communications security, applications and infrastructure security to identify vulnerabilities and propose defensive strategies against cyber threats.
• Formulate strategic advice and recommendations to implement security controls that adopt a risk-based approach and meet organisational strategy and business needs.

Understanding cyber security governance and risk is crucial to developing and maintaining cyber security in organisations in an age of increasing cyber threats and attacks. Cyber security governance enables organisations to develop and formulate strategies for risk and compliance management, and to respond to cyber security threats in an orderly and efficient manner.

This course builds the understanding of cyber security governance, risk and compliance (GRC) requirements and explores current and emerging cyber security GRC management practices and processes. You will evaluate risk management concepts, principles and key legal, regulatory and compliance frameworks for application in organisational contexts. You will assess and quantify cyber security risks and apply modelling to evaluate threats, and vulnerabilities. You will also develop risk mitigation strategies, policies, standards and procedures for risk metrics, operational management and board reporting.

Learning outcomes

• Analyse the concept of governance, principles of risk and compliance management in a cybe rsecurity context.
• Apply a risk management approach to assess and quantify organisational exposure to cyber risk.
• Critically evaluate risk management concepts, principles and key legal, regulatory and compliance frameworks for application to organisational needs in cyber security risk management.
• Apply policies, standards and procedures and develop risk mitigation strategies for risk metrics and board reporting.

Developing cyber security resilience and the capability to manage security incidents is an increasingly urgent challenge for organisations operating in global digital environments. This course explores current practices in cyber security resilience as a component of organisational management.

You will develop insights and strategies to align cyber security management with organisational needs: assessing organisational cyber security maturity, incident management approaches, and crisis communication. You will also develop a strategic approach to the development of a security culture and awareness in an organisation, in the use of asset, resource and records management, roles and responsibilities for organisational cyber resilience (e.g. response), cyber security audits, and business continuity process and planning.

Learning outcomes

• Critically analyse organisational cyber security maturity in relation to cyber resilience and incident management.
• Analyse asset and resource management practices to develop business continuity process and planning approaches.
• Formulate strategic advice to promote and nurture a security culture and awareness in an organisation.
• Develop an incident management response policy and plan.

For this course, choose one from the following three options:

Data and Privacy in the Digital Age

Develop an advanced understanding of Australian and international privacy laws. Comprehend the value of personal and commercial data and examine the obligations relating to the collection, storage, and use of customer data. Explore the ethical, social, and regulatory implication of key privacy and data topics and the necessary organisational response in the event of a data breach.

Digital Leadership & Digital Delivery with Agile

This elective includes two of RMIT Online’s short courses. The digital leadership component will expose you to the leadership practices and mindsets required to lead product development and product teams. You’ll be introduced to leadership frameworks and models within fast-changing digital environments. The agile delivery component will enable you to understand the depth and breadth of agile frameworks, methods, tools and techniques and how to select, blend and apply these broadly across business domains.

Law and Policy for Emerging Technologies

This elective examines the emergence of new technologies and their impacts on modern society, ethics, law, regulation, and policy. You’ll study a range of theories and approaches for developing suitable regulations that are able to keep up and remain flexible with technological change.

An Australian bachelor's degree or equivalent, or higher-level qualification, from a recognised tertiary institution plus 2 years of relevant work experience. If you do not have these academic qualifications, you may be eligible for entrance into this program if you have at least 5 years of continuous full-time experience working in business, information systems, or cyber security. These applicants will be required to submit a curriculum vitae (CV).

International students are required to provide current evidence of

English language proficiency for admission to RMIT University. You can provide your results from one of these three options:

• An accepted English language proficiency test, or
• An accepted English language provider, or
• A recognised Australian or international qualification.

For detailed information on English language requirements and other proficiency tests recognised by RMIT, visit the English language requirements and equivalency information.

RMIT’s Online Graduate Certificate in Cyber Security Governance and Risk Management does not meet Australian student visa requirements. For an Australian student visa, you must have an on-campus place in a program of study. For more details on RMIT’s on-campus programs visit rmit.edu.au.