CSY303 · Governance, Risk & Compliance

Learn risk management, standards, legal and ethical responsibilities in cybersecurity practice. Understand the business and regulatory side of security.

12
Weeks
36
Hours
Year 3
Level
0%
Begin Course

Building on Prior Knowledge

This course builds on key concepts from earlier years:

  • CSY101 Week 14: Security standards foundations (CIS Controls, NIST 800-53, ISO 27001)
  • CSY104 Week 11: CVSS scoring for risk assessment and prioritization
  • CSY101 Week 01: NIST CSF and risk communication with stakeholders
  • CSY203 & CSY204: Application testing and IR outputs for risk register inputs

Course Curriculum

12 Weeks
Week 01

Governance Fundamentals

 Week 02

Risk Management Frameworks

 Week 03

ISO 27001/27002

 Week 04

NIST Cybersecurity Framework

 Week 05

CIS Controls

 Week 06

Compliance Requirements (GDPR, PCI-DSS)

 Week 07

Security Policies & Procedures

 Week 08

Risk Assessment & Analysis

 Week 09

Business Continuity & Disaster Recovery

 Week 10

Third-Party Risk

 Week 11

Security Metrics & Reporting

 Week 12

GRC Integration

Assessment Hub

View your grades, review past quiz attempts, and track your progress towards course completion.

Open Assessment Hub