Course Summary
Credit Type:
Organization's ID:
13 hours
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Upper-Division Baccalaureate 1 Business, Information Risk Management, or Introduction to Information Security
Students who request a credit recommendation for TEEX-0286 cannot receive a credit recommendation for TEEX-0252.


The course objective is to provide an introduction to the fundamentals of risk management in the IT and information management arena. This course includes the following topics: information assets, identifying risks, and management processes highlighting best principles and practices. It will provide training in information risk-related tools and technologies (such as asset evaluation, business impact analysis, risk identification, risk quantification, risk response, security policies and compliance) for better understanding of potential threats and vulnerabilities in business online, and learning to adopt levels of security measures and best practices.

Learning Outcomes:

  • Identify key concepts of information security risk management
  • Examine and evaluate IT assets for a business impact analysis
  • Explain how to use risk controls to mitigate or eliminate identified risks
  • Develop and apply organizational security policies to manage information risks
  • Apply risk and hazard frameworks to common cyber threats
  • Quantify cyber risks based on vulnerabilities, impact and likelihood

General Topics:

  • Risk management principles and practices
  • Hazards and threats
  • Information security risk management
  • ISRM stakeholders
  • Risk management frameworks
  • ISRM frameworks
  • ISRM processes
  • Risk management context
  • IT systems components
  • Asset identification and inventory
  • Asset valuation and criticality
  • Loss impact and business impact analysis
  • Goals of risk identification
  • Hazard context and specification
  • Hazard and threat identification frameworks
  • Risk identification and common cyber threats
  • Risk symptoms and root causes
  • Project risk
  • Goal of risk quantification
  • Quantification methods
  • Risk likelihood, vulnerability, and impact
  • Risk prioritization, tolerance, and response
  • Goal of risk control
  • Risk response and limitation
  • Risk controls and practices
  • Cyber security controls and practices
  • Security and risk management policy
  • Cyber security compliance
  • Business continuity
Instruction & Assessment

Instructional Strategies:

  • Computer Based Training

Methods of Assessment:

  • Case Studies
  • Examinations
  • Quizzes

Minimum Passing Score:

Supplemental Materials