Unit rationale, description and aim

This unit is designed to equip students with essential skills and knowledge to navigate the complexities of cybersecurity governance, implement effective policies, and address ethical challenges. In today’s digital age, understanding cybersecurity is critical for business students to protect sensitive information, ensure compliance and risk management, and maintain trust with stakeholders. The unit explores the critical factors of cyber governance essential for managing risks and responding effectively to data breaches. Students will gain a thorough understanding of the legal frameworks governing cybersecurity in Australia, including key governance organisations. Students will apply theoretical knowledge, enhancing their capability to manage cybersecurity threats and maintain an up-to-date proficiency in cybersecurity, policy, governance, and ethics.

Additionally, the unit covers ethical hacking, breach response strategies, and the impact of emerging technologies such as AI. Students will be prepared to navigate complex IT governance landscapes, make ethical decisions, and contribute to the development of responsible, inclusive digital solutions. The unit aims to develop capabilities in cybersecurity leadership by providing a comprehensive view of governance frameworks, legal requirements, and ethical considerations. It will enable students to analyse business models, assess risk profiles, and implement cybersecurity strategies.

Through this learning, students will be well-positioned for careers in cybersecurity leadership, risk management, compliance, and IT governance, ensuring they can contribute to safeguarding digital ecosystems and adapting to the evolving demands of industry and society.

2026 10

Campus offering

No unit offerings are currently available for this unit.

Prerequisites

Nil

Learning outcomes

To successfully complete this unit you will be able to demonstrate you have achieved the learning outcomes (LO) detailed in the below table.

Each outcome is informed by a number of graduate capabilities (GC) to ensure your work in this, and every unit, is part of a larger goal of graduating from ACU with the attributes of insight, empathy, imagination and impact.

Explore the graduate capabilities.

Evaluate cybersecurity governance frameworks, deve...

Learning Outcome 01

Evaluate cybersecurity governance frameworks, develop policy responses to emerging cybersecurity threats, and assess the impact of emerging technologies such as AI
Relevant Graduate Capabilities: GC1, GC10

Apply legal frameworks relevant to cybersecurity i...

Learning Outcome 02

Apply legal frameworks relevant to cybersecurity in Australia and integrate ethical considerations into their cybersecurity practices.
Relevant Graduate Capabilities: GC2, GC8

Assess risk profiles and business models to design...

Learning Outcome 03

Assess risk profiles and business models to design and implement robust cybersecurity strategies for managing cybersecurity threats.
Relevant Graduate Capabilities: GC2, GC7

Critically evaluate the impact of emerging technol...

Learning Outcome 04

Critically evaluate the impact of emerging technologies such as AI, develop ethical hacking and breach response strategies, and effectively communicate complex cybersecurity issues to senior management and stakeholders.
Relevant Graduate Capabilities: GC2, GC12

Content

Topics will include:

  • cybersecurity governance principles and practices 
  • roles and responsibilities in cybersecurity management  
  • key governance organisations and their functions 
  • cybersecurity regulations and reporting requirements 
  • assessment, analysis and risk mitigation  
  • cybersecurity governance, policies and frameworks 
  • leadership in cybersecurity 
  • ethics in cybersecurity 
  • ethical hacking and breach response 
  • impact of emerging technologies and cybersecurity challenges
  • dynamic nature of cybersecurity 
  • cybersecurity strategy implementation  
  • crisis management and incident response 

Assessment strategy and rationale

To pass this unit, students must critically analyse key concepts and theories related to cybersecurity governance, policy, and ethics. They are expected to demonstrate critical thinking by applying these concepts to real-world scenarios, drawing on relevant literature and case studies that reflect diverse perspectives. The assessment strategy is designed to progressively build students’ knowledge and skills through three interconnected tasks: a written essay focusing on theoretical foundations, a group project analysing a real-world incident with a practical AI solution, and an individual report and presentation offering strategic recommendations to an organisation. Each task targets specific learning outcomes and reinforces ethical and legal reasoning in cybersecurity contexts. Students must achieve a minimum overall mark of 50% to pass the unit. Assessments will be graded using rubrics aligned with the intended learning outcomes, ensuring transparency and consistency in evaluation. The staged nature of the assessments supports the development of both analytical and applied capabilities in a coherent and cumulative manner.

 

Overview of assessments

Assessment Task 1: Written Assignment (800 words...

Assessment Task 1: Written Assignment (800 words)

This assessment task requires students to independently write a detailed essay critically analysing cybersecurity governance frameworks. The essay should include an evaluation of current governance structures, legal requirements, and ethical considerations in cybersecurity. Students should reference relevant literature and case studies and incorporate diverse perspectives to support their analysis. This assessment encourages students to deeply engage with theoretical concepts and demonstrate their critical thinking and analytical skills. The assessment should address the framework that reflects on a real life example.

Submission Type: Individual 

Assessment Method: Written 

Weighting

25%

Learning Outcomes LO1, LO2
Graduate Capabilities GC1, GC2, GC8, GC10

Assessment Task 2: Written Report (2000 words) a...

Assessment Task 2: Written Report (2000 words) and program

This task requires students to analyse a real-world cybersecurity incident. The report should include a detailed analysis of the incident, identifying key issues, evaluate the incident response, and propose an alternative plan of action if necessary. This plan should include recommendations for improving cybersecurity governance, implementing robust policies, and addressing any ethical considerations that arose during the incident. The assessment aims to evaluate students’ ability to translate theoretical knowledge into practical solutions and develop effective strategies. The students are supposed to submit the programs that use the available AI tools to implement their solution.

Submission Type: Group

Assessment Method: Written report and program

Weighting

40%

Learning Outcomes LO1, LO2, LO3, LO4
Graduate Capabilities GC1, GC2, GC7, GC8, GC10

Assessment Task 3: Written Report (1000 words) a...

Assessment Task 3: Written Report (1000 words) and presentation

This assessment task requires students to write a report for a business or department, outlining effective cybersecurity strategies, policies, governance, and ethical considerations. The report should include a risk analysis, identification of emerging threats and provide comprehensive recommendations for improving the organisation or departments cybersecurity posture. This assessment helps students apply their theoretical knowledge to practical business scenarios, develop problem-solving skills, and create actionable plans for enhancing cybersecurity strategies and governance. They are required to develop their solution and present the highlights to the stakeholders.

Submission Type: Individual

Assessment Method: Written resport and 10 minute presentation

Weighting

35%

Learning Outcomes LO1, LO2, LO3, LO4
Graduate Capabilities GC1, GC2, GC7, GC8, GC10, GC12

Learning and teaching strategy and rationale

Students should anticipate undertaking 150 hours of study for this unit over a twelve-week semester or equivalent study period, including class attendance, readings, online forum participation and assessment preparation.

This unit may be offered in “Attendance” and/or “Online” mode to cater for the learning needs and preferences of a range of participants.

Attendance Mode

Students will require face-to-face attendance in blocks of time determined by the school. Students will have face-to-face interactions with lecturer(s) to further their achievement of the learning outcomes. This unit is structured with required upfront preparation before workshops. The online learning platforms used in this unit provide multiple forms of preparatory and practice opportunities for students to prepare and revise.

Online Mode

This unit utilises an active learning approach whereby students will engage in e-module activities, readings and reflections, and opportunities to collaborate with peers in an online environment. This can involve, but is not limited to, online workshops, online discussion forums, chat rooms, guided reading, and webinars. Pre-recorded lectures will be incorporated within the online learning environment and e-modules. In addition, electronic readings will be provided to guide students’ reading and extend other aspects of online learning

Representative texts and references

Edwards, J., & Weaver, G. (2024). The cybersecurity guide to governance, risk, and compliance. Wiley.

Jøsang, A. (2025). Cybersecurity: Technology and governance. Springer.

Tuffley, D. (2023). CyberSecurity governance, policy, ethics & law. Independently published. https://www.amazon.com/CyberSecurity-Governance-Policy-Ethics-Law-ebook/dp/B0C98RD6PZ


 

Locations
Credit points
Year

Have a question?

We're available 9am–5pm AEDT,
Monday to Friday

If you’ve got a question, our AskACU team has you covered. You can search FAQs, text us, email, live chat, call – whatever works for you.

Live chat with us now

Chat to our team for real-time
answers to your questions.

Launch live chat

Visit our FAQs page

Find answers to some commonly
asked questions.

See our FAQs