Module 6

Information Security Management

Unit 3

Introduction to Threat Modelling and Management

Learning Outcomes

• Describe a number of threat modelling techniques.
• Advise which technique should be used in specific situations.
• Discuss when techniques should be combined in a hybrid model.

e-Portfolio Activity: Exercise: Security Standards

• This activity involved familiarisation with the compliance frameworks of GDPR, PCI-DSS, and HIPAA. The resulting understanding was then applied to answer a series of questions, documented within the module wiki. Link to the wiki entry: here

Risk Identification Report

• This summative assessment required the completion of a 600-word risk identification report for Pampered Pets. This involved conducting a comprehensive risk assessment of both the business's current operations and a proposed digitalisation process, with the findings informing subsequent recommendations. Link to the risk identification report: here

Reflection

• The risk identification report, our summative assessment, was definitely the highlight of this unit. I really enjoyed working on the practical use case; it let me explore so many different frameworks. There was so much more I could have written, but the 600-word limit meant I had to be really concise.