Unit rationale, description and aim
Effective cybersecurity governance is essential to organisational resilience, trust, and ethical digital practice in an increasingly interconnected global economy. This unit provides students with a foundational understanding of how governance structures, policies, and ethical frameworks support the management of cyber risk and regulatory compliance in contemporary organisations.
The unit equips students with essential skills to understand and manage cybersecurity governance, develop effective policies, and address ethical challenges in global digital environments. Students will explore core principles of cyber governance, including risk assessment, incident response, and strategic oversight, alongside key international legal and regulatory frameworks and the roles of major global governance bodies.
Through applied learning, students will learn to identify cybersecurity threats, evaluate organisational vulnerabilities, and design appropriate governance strategies. The unit also examines ethical hacking, breach-response planning, and the governance implications of emerging technologies such as artificial intelligence.
Students will develop the capability to work across diverse IT governance contexts, make ethical and inclusive decisions, and contribute to responsible digital solutions. The aim of this unit is to prepare students to effectively contribute to cybersecurity governance, risk management, and compliance in complex global organisational contexts
Learning outcomes
To successfully complete this unit you will be able to demonstrate you have achieved the learning outcomes (LO) detailed in the below table.
Each outcome is informed by a number of graduate capabilities (GC) to ensure your work in this, and every unit, is part of a larger goal of graduating from ACU with the attributes of insight, empathy, imagination and impact.
Explore the graduate capabilities.
Evaluate cybersecurity governance frameworks, deve...
Learning Outcome 01
Apply legal frameworks relevant to cybersecurity i...
Learning Outcome 02
Assess risk profiles and business models to design...
Learning Outcome 03
Critically evaluate the impact of emerging technol...
Learning Outcome 04
Content
Topics will include:
- cybersecurity governance principles and practices
- roles and responsibilities in cybersecurity management
- key governance organisations and their functions
- cybersecurity regulations and reporting requirements
- assessment, analysis and risk mitigation
- cybersecurity governance, policies and frameworks
- leadership in cybersecurity
- ethics in cybersecurity
- ethical hacking and breach response
- impact of emerging technologies and cybersecurity challenges
- dynamic nature of cybersecurity
- cybersecurity strategy implementation
- crisis management and incident response
Assessment strategy and rationale
To pass this unit, students must critically analyse key concepts and theories related to cybersecurity governance, policy, and ethics. They are expected to demonstrate critical thinking by applying these concepts to real-world scenarios, drawing on relevant literature and case studies that reflect diverse perspectives. The assessment strategy is designed to progressively build students’ knowledge and skills through three interconnected tasks: a written essay focusing on theoretical foundations, a group project analysing a real-world incident with a practical AI solution, and an individual report and presentation offering strategic recommendations to an organisation. Each task targets specific learning outcomes and reinforces ethical and legal reasoning in cybersecurity contexts. Students must achieve a minimum overall mark of 50% to pass the unit. Assessments will be graded using rubrics aligned with the intended learning outcomes, ensuring transparency and consistency in evaluation. The staged nature of the assessments supports the development of both analytical and applied capabilities in a coherent and cumulative manner.
Overview of assessments
Assessment Task 1: Written Assignment (800 words...
Assessment Task 1: Written Assignment (800 words)
This assessment task requires students to independently write a detailed essay critically analysing cybersecurity governance frameworks. The essay should include an evaluation of current governance structures, legal requirements, and ethical considerations in cybersecurity. Students should reference relevant literature and case studies and incorporate diverse perspectives to support their analysis. This assessment encourages students to deeply engage with theoretical concepts and demonstrate their critical thinking and analytical skills. The assessment should address the framework that reflects on a real life example.
Submission Type: Individual
Assessment Method: Written
25%
Assessment Task 2: Written Report (2000 words) a...
Assessment Task 2: Written Report (2000 words) and program
This task requires students to analyse a real-world cybersecurity incident. The report should include a detailed analysis of the incident, identifying key issues, evaluate the incident response, and propose an alternative plan of action if necessary. This plan should include recommendations for improving cybersecurity governance, implementing robust policies, and addressing any ethical considerations that arose during the incident. The assessment aims to evaluate students’ ability to translate theoretical knowledge into practical solutions and develop effective strategies. The students are supposed to submit the programs that use the available AI tools to implement their solution.
Submission Type: Group
Assessment Method: CADMUS report and program
40%
Assessment Task 3: Written Report (1000 words) a...
Assessment Task 3: Written Report (1000 words) and presentation
This assessment task requires students to write a report for a business or department, outlining effective cybersecurity strategies, policies, governance, and ethical considerations. The report should include a risk analysis, identification of emerging threats and provide comprehensive recommendations for improving the organisation or departments cybersecurity posture. This assessment helps students apply their theoretical knowledge to practical business scenarios, develop problem-solving skills, and create actionable plans for enhancing cybersecurity strategies and governance. They are required to develop their solution and present the highlights to the stakeholders.
Submission Type: Individual
Assessment Method: Written report and 10 minute presentation + Viva
35%
Learning and teaching strategy and rationale
This unit is delivered through Attendance and Online modes using a single, integrated learning and teaching strategy designed to ensure equivalent learning outcomes and a comparable learning experience for all students, while supporting diverse learning needs and maximising access.
Across both modes, learning activities are intentionally aligned to the unit learning outcomes and assessment tasks, and are underpinned by active learning, guided engagement with disciplinary knowledge, opportunities for peer interaction, and regular, timely feedback. While the mode of delivery shapes how students participate, the pedagogical intent, expectations and standards remain consistent.
In Attendance mode, students engage in weekly face-to-face classes at designated locations, supported by preparatory activities prior to workshops and opportunities for consolidation following classes. Online learning platforms are used to complement face-to-face teaching through additional resources and learning activities.
In Online mode, students engage with the same core content and learning outcomes through a combination of synchronous and asynchronous activities, including structured discussions and applied learning tasks that support learning in professional contexts.
Across both delivery modes, students should plan to commit approximately 150 hours to this unit over the semester, including participation in learning activities, independent study, readings and assessment preparation.