SME Risk Assessment
This Problem-based Learning scenario has been created to enable students to explore develop a sound understanding of ISO27001, particularly the risk assessment, and apply it to an SME context.
On successful completion of the scenario, students will be able to:
- Critically analyze and prioritize information security risks.
- Systematically identify countermeasures and review techniques appropriate to the management of information security risks.
- Demonstrate a thorough understanding of the policy and technology trade-offs involved in developing information security systems of adequate quality.
- Analyze and evaluate the significance of legal regulations and requirements on information security systems.
This page provides the resources for students to be able to complete the scenario as members of a small team facilitated by a tutor. The resources consist of an introductory video together with documents detailing the PBL problem statement, tasks and links to other materials that learners are expected to use to complete the tasks.
A facilitator guide and CSKE Guide to PBL provide additional information for tutors. The materials are modular, and the source is available so that they can be customized to other contexts, for example as part of an online course.