Module Code: |
H8DGC |
Long Title
|
Data Governance and Cybersecurity
|
Title
|
Data Governance and Cybersecurity
|
Module Level: |
LEVEL 8 |
EQF Level: |
6 |
EHEA Level: |
First Cycle |
Module Author: |
David McCarthy |
Departments: |
School of Computing
|
Specifications of the qualifications and experience required of staff |
|
Learning Outcomes |
On successful completion of this module the learner will be able to: |
# |
Learning Outcome Description |
LO1 |
Illustrate the key data lifecycle stages and reliance on these for effective information governance in real-world settings. |
LO2 |
Explain in detail a broad range of core policy and legal aspects in data governance and compliance for financial applications. |
LO3 |
Describe the requirements to ensure confidentiality, integrity and availability of information and systems. |
LO4 |
Debate the key concepts of risk management and information technology resilience. |
LO5 |
Describe the key threats to information systems and data processing services. |
Dependencies |
Module Recommendations
This is prior learning (or a practical skill) that is required before enrolment on this module. While the prior learning is expressed as named NCI module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
|
No recommendations listed |
Co-requisite Modules
|
No Co-requisite modules listed |
Module Content & Assessment
Indicative Content |
Weeks 1-2
Cybersecurity Concepts
• Security foundation concepts (e.g., the CIA triad)
• Security categories (e.g., prevention, detection, recovery)
• Security-related concepts (e.g., AAA)
• Controls to support security categories
• Basics of cryptography
|
Weeks 3-5
Threats to Information & Data Processing Services
• The cybersecurity landscape
• Impact of cyber-attacks and data breaches
• Digital footprint
• Risk terminology: Threats (and vectors), vulnerabilities, and controls
• Common threats (malware types) and types of threat actors
• Anatomy of an attack
• Common types of attacks
• High-profile attacks
|
Week 6
Security Governance
• Organizational processes (e.g., data classification)
• Organizational roles and responsibilities (e.g., data owner, data custodian)
• Security control frameworks (e.g., NIST, COBIT)
• Key components of a cyber security programme (including policies, procedures, guidelines, and standards)
|
Week 7
Data Governance
• Introduction to data governance
• Data lifecycle management
• Data management frameworks
• Roles and responsibilities
• Operating model types
• Tools
|
Weeks 8-9
Data Governance Dimensions
• Data quality
• Data provenance
• Data integrity
• Data policies, processes, and procedures
• Data privacy and regulatory compliance (including key data protection legislative frameworks such as the Data Protection Act 2018 and the GDPR)
|
Week 10
Risk Assessment & Risk Management
• Risk terminology
• Key Risks Management Components (e.g., ability to assess and measure risks)
• Risk Mitigation Techniques (e.g., reduce / mitigate, transfer, accept, etc.)
• Cost Benefit Analysis
• Cyber Risk management
• Insurance and Cyber insurance
• Fraud detection
|
Week 11
Legal Aspects
• Litigation and e-Discovery
• Contract Law
• e-Commerce Law
• Data Protection Law
• Cyber-criminal law
• Contemporary Legal Issues of Virtual Currencies, Blockchain, Financial Services and their Regulation (e.g., RegTech), FinTech Tax
|
Week 12
Ethical Issues Pertaining to Data
• Types and sources of ethics (e.g., personal, professional, societal, law)
• Data ethics theories (e.g., virtue-based, principle-based, relativism, utilitarianism)
• Information Technology ethics and issues arising in ethical use of computing (e.g., spam, censorship and free speech, anonymity, cyberbullying, copyright)
• Information ethics and data governance
• Data ethics frameworks, principles, and codes of conduct
• Ethical impact assessment
|
Assessment Breakdown | % |
Coursework | 100.00% |
AssessmentsFull Time
Coursework |
Assessment Type: |
Continuous Assessment |
% of total: |
50 |
Assessment Date: |
n/a |
Outcome addressed: |
3,5 |
Non-Marked: |
No |
Assessment Description: This will evaluate students’ knowledge and ability to critically appraise case scenarios where they need to analyse best outcomes for a particular cyber security challenge such as, but not limited to, data breaches, cybersecurity attacks, etc. Students may work in teams. |
|
Assessment Type: |
Continuous Assessment |
% of total: |
50 |
Assessment Date: |
n/a |
Outcome addressed: |
1,2,4 |
Non-Marked: |
No |
Assessment Description: This will assess learners’ insights and evaluation of data governance, legal aspects, and ethical issues relating to both their own work and other situational contexts and scenarios. Students may work in teams. |
|
No End of Module Assessment |
Reassessment Requirement |
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.
|
Reassessment Description Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element. Reassessment of this module will be via repeat examination which evaluates all learning outcomes.
|
NCIRL reserves the right to alter the nature and timings of assessment
Module Workload
Module Target Workload Hours 0 Hours |
Workload: Full Time |
Workload Type |
Workload Description |
Hours |
Frequency |
Average Weekly Learner Workload |
Lecture |
No Description |
24 |
Per Semester |
2.00 |
Directed Learning |
Directed E-Learning |
24 |
Per Semester |
2.00 |
Independent Learning |
No Description |
202 |
Per Semester |
16.83 |
Total Weekly Contact Hours |
4.00 |
Module Resources
Recommended Book Resources |
---|
-
Jelena Madir. (2019), Fintech, Edward Elgar Publishing, p.496, [ISBN: 9781788979016].
-
Dama International. DAMA-DMBOK, [ISBN: 9781634622349].
-
Jason Andress. (2011), The Basics of Information Security, Syngress Press, p.171, [ISBN: 1597496537].
-
Herman T. Tavani. (2015), Ethics and Technology, John Wiley & Sons, [ISBN: 9781119239758].
| Supplementary Book Resources |
---|
-
Denis Kelleher,Karen Murray. (2017), EU Privacy and Data Protection Law, Bloomsbury Professional, p.400, [ISBN: 9781784515539].
-
Katherine O'Keefe,Daragh O Brien. (2018), Ethical Data and Information Management, Kogan Page, p.344, [ISBN: 0749482044].
| This module does not have any article/paper resources |
---|
This module does not have any other resources |
---|
|