English   Danish

2016/2017  BA-BHAAI1054U  IT Risk Management and Governance

English Title
IT Risk Management and Governance

Course information

Language English
Course ECTS 7.5 ECTS
Type Elective
Level Bachelor
Duration Summer
Start time of the course Summer
Timetable Course schedule will be posted at calendar.cbs.dk
Max. participants 120
Study board
Study Board for BSc in Economics and Business Administration
Course coordinator
  • Course instructor: Dr. Michelle Antero, Assistant Professor, Zayed University, College of Technological Innovation, ma.msc@cbs.dk
    Sven Bislev - Department of Management, Society and Communication (MSC)
In case of any academic questions related to the course, please contact the course instructor or the academic director, Sven Bislev at sb.ikl@cbs.dk
Main academic disciplines
  • Information technology
  • Management
  • Project and change management
Last updated on 29/05/2017
Learning objectives
To achieve the grade 12, students should meet the following learning objectives with no or only minor mistakes or errors:
  • Learners should be able to understand risk, risk management, governance and their impact to an organization.
  • Learners should be able to determine appropriate strategies to manage risk;
  • Learners should be able to implement and evaluate the best practices and standards to manage risk;
  • Learners should be able to perform a risk assessment to analyze a problem in an organization and define the necessary techniques appropriate to mitigate the risk.
Course prerequisites
No prerequisites.
IT Risk Management and Governance:
Exam ECTS 7.5
Examination form Home assignment - written product
Individual or group exam Individual exam
Size of written product Max. 10 pages
Assignment type Written assignment
Duration 72 hours to prepare
Grading scale 7-step scale
Examiner(s) One internal examiner
Exam period Summer, Ordinary exam: End of July - beginning of August 2017.

Retake exam: End of September - beginning of October 2017.

3rd attempt (2nd retake) exam: End November - beginning of December 2017.

Exam schedule is available on http://www.cbs.dk/summer http:/​/​www.cbs.dk/​uddannelse/​summer-university-programme/​exam.
Make-up exam/re-exam
Same examination form as the ordinary exam
Home project assignment, new exam question.
Course content and structure

The course will cover risk management and governance topics relevant to Information Technology (IT). It explains how IT risks are managed to achieve strategic benefits for the company. It looks at  various IT governance arrangements as well as identifies risks to consider when developing IT policies.


Class 1: IT Risk, Risk Management

Class 2: Risk Management and its Importance to the Organization

Class 3:Developing a Risk Management Plan

Class 4:Defining Risk Assessment

Class 5:Identifying Assets and Activities to be Protected

Class 6:Risk Mitigation security controls

feedback activity: Case Study

Class 7:Turning your Risk assessment into a Risk Mitigation

Class 8: IT Governance Simultaneously Empowers and Controls

Class 9: IT Governance Archetypes for Allocating Decision Rights

Class 10: Mechanisms for Implementing IT Governance

Class 11: Linking Strategy, IT Governance, and Performance

Teaching methods
Lectures and case-based tutorials
Student workload
Preliminary assignment 10 hours
Classroom attendance 33 hours
Preparation 144 hours
Feedback activity 7 hours
Examination 12 hours
Further Information

Preliminary Assignment: To help students get maximum value from ISUP courses, instructors provide a reading or a small number of readings or video clips to be read or viewed before the start of classes with a related task scheduled for class 1 in order to 'jump-start' the learning process.


Feedback Activity: A feedback activity defined by the course instructor will take place approx. half-way through the course.


Course timetable is available on http://www.cbs.dk/uddannelse/summer-university-programme/courses.


Expected literature


Gibson, Daril: Managing Risk in Information Systems

Jones and Bartlett, 2015




Weill, Peter and Ross, Jeanne: IT Governance

Harvard Business School, 2004

Last updated on 29/05/2017