Information Security and Risk Management (BSR103)

Home / Professional Degree in Software Engineering /
Information Security and Risk Management (BSR103)

Course Overview

What This Course Prepares You For

Information Security and Risk Management (BSR103) prepares you to protect digital assets and manage security risks in real-world IT environments. Whether you're aiming to implement organizational policies, assess threats, or contribute to compliance efforts, this course builds the foundation for a career in cybersecurity and risk governance.

You’ll go beyond theory — with risk assessment simulations, security control planning, ISO/IEC 27001 frameworks, and incident response scenarios — developing the practical skills needed to secure systems, reduce vulnerabilities, and support business continuity.

What You’ll Learn

Real-World Information Security in Modern Working Environments

Introduction to Information Security & Risk Management

Learn the foundations of securing information systems and managing organizational risk.

Learn the foundations of securing information systems and managing organizational risk.

Importance of Information Security in Organizations

Understand why protecting data is critical for business continuity and trust.

Understand why protecting data is critical for business continuity and trust.

Types of Security Threats and Vulnerabilities

Explore common cyber threats and weaknesses in systems.

Explore common cyber threats and weaknesses in systems.

Overview of ISO/IEC 27001 Standard

Get familiar with the global standard for information security management systems.

Get familiar with the global standard for information security management systems.

Information Security Policies and Procedures

Learn how to draft, apply, and enforce security policies effectively.

Learn how to draft, apply, and enforce security policies effectively.

Risk Management Principles and Risk Assessment Techniques

Identify, assess, and prioritize security risks using best practices.

Identify, assess, and prioritize security risks using best practices.

Implementation of Security Controls

Apply technical and administrative controls to protect systems.

Apply technical and administrative controls to protect systems.

Security Awareness and Training

Promote a strong security culture through education and best practices.

Promote a strong security culture through education and best practices.

Business Continuity and Incident Response

Plan for disruptions and respond effectively to security incidents.

Plan for disruptions and respond effectively to security incidents.

Auditing and Monitoring Information Security

Track, audit, and improve security posture through active monitoring.

Track, audit, and improve security posture through active monitoring.

Hands-On Practical Activities

From Bench Testing to Real Repairs

Identify potential threats and vulnerabilities in a simulated IT environment, and document risk levels and mitigation strategies.
Draft basic information security policies (e.g., password policy, access control), then implement them in a Windows environment using Group Policy.
Studied various phishing email samples to identify social engineering tactics and improve recognition skills without using simulation tools for testing employee response
Assign and test different access levels across systems to enforce least privilege principles.
Set up a software firewall (e.g., Windows Defender Firewall ) and observe allowed/blocked traffic.
Scan a test system for vulnerabilities and interpret the results to recommend corrective actions.
Match organizational controls to ISO 27001 clauses in a guided worksheet or checklist activity.
Work through a mock security breach scenario to activate and follow an incident response plan.
Perform a full backup of sensitive data and conduct a restoration to verify data integrity and continuity planning.
Review event logs for suspicious activity and generate a basic audit report for management.

Photo Gallery: See Learning in Action

Get a glimpse of what hands-on learning looks like!

Students immerse themselves in practical cybersecurity and risk management tasks — from drafting security policies and conducting risk assessments to configuring firewalls and responding to simulated cyber incidents. These hands-on sessions capture learners applying real-world tools, analyzing system logs, managing user permissions, and executing backup strategies — transforming theoretical knowledge into workplace-ready information security skills.

Computer-Hardware-Fundamental-DHS102

DHS102-students-troubleshooting-computer

Mobile-and-Printing-Technology-DMP104

DMP104-Student-repair-laptop-1

DSA106-Student-configuration-server

Frequently Asked Questions (FAQ)

Your Questions, Answered in Detail

Do I need any experience to join this course?

✅ Yes, a Diploma in Information Technology or equivalent foundational knowledge is required. This course is designed for students who already understand basic networking and computer system concepts.

Will I get to build a real PC during the course?

✅ Yes! You will build, troubleshoot, and maintain both branded and custom PC builds.

What tools and software will I learn to use?

✅ You’ll work with tools like vulnerability scanners (e.g., OpenVAS), firewalls (e.g., pfSense), log analyzers, and risk assessment templates based on ISO/IEC 27001.

Will I learn how to consult for hardware purchases?

✅ While the focus is on security, you’ll gain basic skills to advise on secure hardware choices, like encrypted storage, secure routers, and access control devices.

What makes this course industry-relevant?

✅ It covers real tools, devices, and repair tasks used in today’s IT support jobs.

Prof. Degree in Software Engineering Related Course

Pathway to Professional Software Engineering: Build Your Future in Tech

Professional Degree in Information Technology

Project Management (DPM102)

Project Management (DPM102) Home / Professional Degree in Information Technology /Project Management (DPM102)...

Professional Degree in Information Technology

Digital Marketing (BDM101)

Digital Marketing (BDM101) Home / Professional Degree in Information Technology /Digital Marketing (BDM101)...

Professional Degree in Information Technology

Linux for System Engineers (BSE208)

Linux for System Engineers (BSE208) Home / Professional Degree in Information Technology /...

Professional Degree in Information Technology

Web Hosting Management (BHM207)

Web Hosting Management (BHM207) Home / Professional Degree in Information Technology /Web Hosting...

Professional Degree in Information Technology

Data Analytics (BDP206)

Data Analytics (BDP206) Home / Professional Degree in Information Technology / Data Analytics...

Professional Degree in Information Technology

Fundamentals of SEO and SEM (BSS205)

Fundamentals of SEO and SEM (BSS205) Home / Professional Degree in Information Technology...

EDUVO SDN. BHD.

1110054P / 201401033963

VO3-9-13, Designer Office,
Lingkaran Sunway Velocity,
55100 Kuala Lumpur.

About Us

News, Events & Updates

Academic & Learning Opportunities

Student Success & Community

Contact Info

Locate Us On

Near 2 MRT stations and 1 LRT station

Personal Data Protection Notice

© - EDUVO SDN BHD | All Rights Reserved