VVZ API is not affiliated with ETH Zurich. Data might be outdated or incorrect. Please view the official ETHZ Vorlesungsverzeichnis for binding information.
IT Security and Risk Management
Last Updated: 2026-02-05 15:14:30
Abstract
Systematic review of technical, methodological, procedural and organisational aspects of security and risk management in IT environments, and their connection with related areas such as compliance and governance.
Objective
After this course, students will be able to (1) recognize, understand and balance the various influencing factors for a comprehensive IT risk and security management approach, (2) evaluate and review, as well as (3) build or improve existing IT risk and security management systems.
Content
Besides technical solution elements, an effectiv approach towards IT security for complex IT environments has to encompass aspects of IT risk management, architecture, organisation, business, and process / service orientation. Such a broad IT risk and security management approach must be based on requirements from a variety of fields, such as business processes, law and regulation, standards, and industry best practices, and is closely associated with corporate functions such as audit, compliance, quality management and other IT-related disciplines. Likewise, IT risk and security management must be properly embedded into the overall corporate risk and governance model.
Resources
Lecture Notes
The slides presented during the lectures are the script.
Literature
Supporting literature will be announced during the lecture.
General Information
- Language
- English
- Levels
- BSC , DS , MSC
- Frequency
- Yearly recurring
Examination
- Type
- session examination
- Mode
- oral 30 minutes
Course Components
| Type | Title | Time & Place | Hours |
|---|---|---|---|
| lecture | IT Security and Risk Management |
|
2 h weekly |
| exercise | IT Security and Risk Management |
|
2 h weekly |