MBA621 Information Systems Risk Management and Governance

This course establishes the foundation for the Information Systems and Controls (ISC) discipline. Students will examine the three principles of Information Technology (IT) Risk Management: risk analysis, risk assessment and risk mitigation, with an emphasis on data governance, strategy, and privacy frameworks such as COBIT, NYDFS and NIST. Understanding how to identify, analyze, assess and mitigate risks using the underlying frameworks. Students will apply this knowledge while performing the risk assessment process for basic access and change management controls. Once students develop risk assessment skills, they will assess what actions can be taken by the risk management team to address the top identified risks. With this knowledge and experience, students can leverage these principles to build a stronger organization that is more resilient to operational disruptions and other perils.