Unit rationale, description and aim
This unit is designed to equip students with essential skills and knowledge to navigate the complexities of cybersecurity governance, implement effective policies, and address ethical challenges. In today’s digital age, understanding cybersecurity is critical for business students to protect sensitive information, ensure compliance and risk management, and maintain trust with stakeholders. The unit explores the critical factors of cyber governance essential for managing risks and responding effectively to data breaches. Students will gain a thorough understanding of the legal frameworks governing cybersecurity in Australia, including key governance organisations. Students will apply theoretical knowledge, enhancing their capability to manage cybersecurity threats and maintain an up-to-date proficiency in cybersecurity, policy, governance, and ethics.
Additionally, the unit covers ethical hacking, breach response strategies, and the impact of emerging technologies such as AI. Students will be prepared to navigate complex IT governance landscapes, make ethical decisions, and contribute to the development of responsible, inclusive digital solutions. The unit aims to develop capabilities in cybersecurity leadership by providing a comprehensive view of governance frameworks, legal requirements, and ethical considerations. It will enable students to analyse business models, assess risk profiles, and implement cybersecurity strategies.
Through this learning, students will be well-positioned for careers in cybersecurity leadership, risk management, compliance, and IT governance, ensuring they can contribute to safeguarding digital ecosystems and adapting to the evolving demands of industry and society.
Campus offering
No unit offerings are currently available for this unit.Learning outcomes
To successfully complete this unit you will be able to demonstrate you have achieved the learning outcomes (LO) detailed in the below table.
Each outcome is informed by a number of graduate capabilities (GC) to ensure your work in this, and every unit, is part of a larger goal of graduating from ACU with the attributes of insight, empathy, imagination and impact.
Explore the graduate capabilities.
Evaluate cybersecurity governance frameworks, deve...
Learning Outcome 01
Apply legal frameworks relevant to cybersecurity i...
Learning Outcome 02
Assess risk profiles and business models to design...
Learning Outcome 03
Critically evaluate the impact of emerging technol...
Learning Outcome 04
Content
Topics will include:
- cybersecurity governance principles and practices
- roles and responsibilities in cybersecurity management
- key governance organisations and their functions
- cybersecurity regulations and reporting requirements
- assessment, analysis and risk mitigation
- cybersecurity governance, policies and frameworks
- leadership in cybersecurity
- ethics in cybersecurity
- ethical hacking and breach response
- impact of emerging technologies and cybersecurity challenges
- dynamic nature of cybersecurity
- cybersecurity strategy implementation
- crisis management and incident response
Assessment strategy and rationale
To pass this unit, students must critically analyse key concepts and theories related to cybersecurity governance, policy, and ethics. They are expected to demonstrate critical thinking by applying these concepts to real-world scenarios, drawing on relevant literature and case studies that reflect diverse perspectives. The assessment strategy is designed to progressively build students’ knowledge and skills through three interconnected tasks: a written essay focusing on theoretical foundations, a group project analysing a real-world incident with a practical AI solution, and an individual report and presentation offering strategic recommendations to an organisation. Each task targets specific learning outcomes and reinforces ethical and legal reasoning in cybersecurity contexts. Students must achieve a minimum overall mark of 50% to pass the unit. Assessments will be graded using rubrics aligned with the intended learning outcomes, ensuring transparency and consistency in evaluation. The staged nature of the assessments supports the development of both analytical and applied capabilities in a coherent and cumulative manner.
Overview of assessments
Assessment Task 1: Written Assignment (800 words...
Assessment Task 1: Written Assignment (800 words)
This assessment task requires students to independently write a detailed essay critically analysing cybersecurity governance frameworks. The essay should include an evaluation of current governance structures, legal requirements, and ethical considerations in cybersecurity. Students should reference relevant literature and case studies and incorporate diverse perspectives to support their analysis. This assessment encourages students to deeply engage with theoretical concepts and demonstrate their critical thinking and analytical skills. The assessment should address the framework that reflects on a real life example.
Submission Type: Individual
Assessment Method: Written
25%
Assessment Task 2: Written Report (2000 words) a...
Assessment Task 2: Written Report (2000 words) and program
This task requires students to analyse a real-world cybersecurity incident. The report should include a detailed analysis of the incident, identifying key issues, evaluate the incident response, and propose an alternative plan of action if necessary. This plan should include recommendations for improving cybersecurity governance, implementing robust policies, and addressing any ethical considerations that arose during the incident. The assessment aims to evaluate students’ ability to translate theoretical knowledge into practical solutions and develop effective strategies. The students are supposed to submit the programs that use the available AI tools to implement their solution.
Submission Type: Group
Assessment Method: Written report and program
40%
Assessment Task 3: Written Report (1000 words) a...
Assessment Task 3: Written Report (1000 words) and presentation
This assessment task requires students to write a report for a business or department, outlining effective cybersecurity strategies, policies, governance, and ethical considerations. The report should include a risk analysis, identification of emerging threats and provide comprehensive recommendations for improving the organisation or departments cybersecurity posture. This assessment helps students apply their theoretical knowledge to practical business scenarios, develop problem-solving skills, and create actionable plans for enhancing cybersecurity strategies and governance. They are required to develop their solution and present the highlights to the stakeholders.
Submission Type: Individual
Assessment Method: Written resport and 10 minute presentation
35%
Learning and teaching strategy and rationale
Students should anticipate undertaking 150 hours of study for this unit over a twelve-week semester or equivalent study period, including class attendance, readings, online forum participation and assessment preparation.
This unit may be offered in “Attendance” and/or “Online” mode to cater for the learning needs and preferences of a range of participants.
Attendance Mode
Students will require face-to-face attendance in blocks of time determined by the school. Students will have face-to-face interactions with lecturer(s) to further their achievement of the learning outcomes. This unit is structured with required upfront preparation before workshops. The online learning platforms used in this unit provide multiple forms of preparatory and practice opportunities for students to prepare and revise.
Online Mode
This unit utilises an active learning approach whereby students will engage in e-module activities, readings and reflections, and opportunities to collaborate with peers in an online environment. This can involve, but is not limited to, online workshops, online discussion forums, chat rooms, guided reading, and webinars. Pre-recorded lectures will be incorporated within the online learning environment and e-modules. In addition, electronic readings will be provided to guide students’ reading and extend other aspects of online learning.
Representative texts and references
Edwards, J., & Weaver, G. (2024). The cybersecurity guide to governance, risk, and compliance. Wiley.
Jøsang, A. (2025). Cybersecurity: Technology and governance. Springer.
Tuffley, D. (2023). CyberSecurity governance, policy, ethics & law. Independently published. https://www.amazon.com/CyberSecurity-Governance-Policy-Ethics-Law-ebook/dp/B0C98RD6PZ