[an error occurred while processing this directive]
<meta NAME="ROBOTS" CONTENT="index,follow">
<meta NAME="keywords" CONTENT=" understanding, participant, principles, measurement, information, computer, threat, system, department, course, security, decisions, analysis, case, benefit, management, university, cost, requirements, remaining, science, vulnerability, overview, oxford, places, business, risk, held, able, harm, vulnerabilities, prioritised, introduction, relationship, quantitative, experience, terminology, objectives, successful, understand, different, estimates, qualitative, providing, practical, realistic, frequency, evaluation, exposure, explores, mitigation, techniques, checklists, normally, framework, valuation, modelling, concept, central, enables, efforts, managed, contents, standards, controls, baseline, planning, measures, conduct, building, provided, behind, methods, mapping, issues, assets, impact, tools, study, dates, losses, based">
<meta name="DESCRIPTION" content="Security Risk Analysis and Management course The concept of risk is central to computer and information security, as understanding the exposure of the system to different threats enables security efforts to be prioritised Through measurements and estimates of risk, security can be managed and cost benefit decisions can be made This course explores the principles and tools behind risk analysis for security, providing practical experience on a realistic case study Frequency This course normally runs twice a year ">


<meta name="Edited" content="Fri, 16 May 2025 18:20:01 GMT">
<meta name="Published" content="Fri, 16 May 2025 18:20:06 GMT">

<title>Software Engineering at Oxford | Security Risk Analysis and Management ( RIS )</title>

<!-- icon -->
<link rel="shortcut icon" type="image/ico" href="../favicon.ico">

<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
<script type="text/javascript">_uacct = "UA-1306673-1";urchinTracker();/*UA-579489-1*/</script>
<META name="verify-v1" content="CwYQSB0rDIbG5v7tQy+2xKxvNEoOxCNSFYYF7mSW7bo=" />
[an error occurred while processing this directive]

<div id="breadcrumb">
   
   <ul class="mainnav">
      <li>
         <a href="/">Computer Science</a></li><li><a href="/softeng/security/">Systems Security</a>
      </li>
      <li>
         <a href="/softeng/courses/">Courses</a>
      </li>
      <li>
         <a href="/softeng/courses/subjects.html">Subjects</a>
      </li>
      <li>
         <span class="youarehere">Security Risk Analysis and Management ( RIS )</span>
      </li>
   </ul>
</div>


<!--
<span id="headerItem">
  <a href="../programme/contact.html" title="Contacts">Contact</a> | 
  <a href="../search/search.jsp" title="Search">Search</a> |
  <a href="../sitemap.html" title="Sitemap">Site map</a> | 
  <a href="https://www.softeng.ox.ac.uk/signin/" title="Sign in">Sign
  in</a>
</span>
-->

<div id="content">

<h1 style="vertical-align:middle"><img align="middle" valign="middle" style="vertical-align:middle" border="0" src="../images/RIS.jpg"> Security Risk Analysis and Management</h1>
      <div>
	
	<p><p>The concept of risk is central to computer and information security, as understanding the exposure of the system to different threats enables security efforts to be prioritised. Through measurements and estimates of risk, security can be managed and cost-benefit decisions can be made. This course explores the principles and tools behind risk analysis for security, providing practical experience on a realistic case study.</p>
<h4>Frequency</h4>
<p>This course normally runs twice a year.</p></p>
<h4>Course dates</h4>
<center>
<table style="margin-left: 20px" width="95%">
<tr><td width="22%" valign="top">9th June 2025</td><td valign="top">Oxford University Department of Computer Science - Held in the Department</td><td valign="top" width="33%">09 places remaining.</td></tr>
<tr><td width="22%" valign="top">12th January 2026</td><td valign="top">Oxford University Department of Computer Science - Held in the Department</td><td valign="top" width="33%">10 places remaining.</td></tr>
</table>
</center>
<h4>Objectives</h4>
<p><p>The successful participant will</p>
<ul>
<li>be able to understand the main issues of risk in computer and information security;</li>
<li>be able to conduct a security risk analysis and make cost-benefit decisions based on this;</li>
<li>have an overview of how risk analysis can be used to make a business case for security.</li>
</ul></p>
<h4>Contents</h4>
<p><dl>
<dt><span>Overview of Risk</span></dt>
<dd>Introduction to the terminology of risk; Risk analysis and management framework; Risk and the relationship to security and controls;</dd>
<dt><span> Assets, Harm &amp; Threats </span></dt>
<dd>Types of harm; Impact valuation; Threat modelling;</dd>
<dt><span> Vulnerability Analysis</span></dt>
<dd>Baseline systems; Vulnerability analysis methods;</dd>
<dt><span> Risk Evaluation</span></dt>
<dd>Quantitative and Qualitative risk measurement;</dd>
<dt><span> Security Planning &amp; Management </span></dt>
<dd>Security measures; Mapping vulnerabilities to mitigation techniques; COBIT; Security checklists; Security requirements; Risk standards;</dd>
<dt><span> Business Cases for Security </span></dt>
<dd>Building business cases; Saved losses;</dd>
</dl></p>
<h4>Requirements</h4>
<p>Participants should have a basic understanding of computer security to the level provided by the Security Principles course.</p>

	
      </div>

<br>

    
[an error occurred while processing this directive]

<!--  mainnav div starts -->
<div id="nav">     
 <h2 id="mainsections">Main sections</h2>
 
 <h2 id="inthissection">Programme</h2>
 <ul class="mainnav" >
  <li>
   <a href="../" title="Return to the Home page" class="menu" >Home</a>
  </li>
  <li>
   <a href="../programme/index.html" title="About the programme" class="menu">About</a>
  </li>
  <li>
   <a href="../programme/history.html" title="The history of the Programme"  class="menu">History</a>
  </li>
  <li>
   <a href="../programme/people.html" title="The people involved" class="menu">People</a>
  </li>
  <li>
   <a href="http://www.cs.ox.ac.uk" title="Department of Computer Science" class="menu">Department</a>
  </li>
  <li>
   <a href="../programme/contact.html" title="Getting in touch" class="menu">Contact us</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Courses</h2>
  <ul class="mainnav">
  <li>
   <a href="../courses/" title="About the courses" class="menu">About</a>
  </li>
  <li>
   <a href="../courses/subjects.html" title="Subjects offered" class="currentsection">Subjects</a>
  </li>
  <li>
   <a href="../courses/calendar.html" title="Course dates" class="menu">Calendar</a>
  </li>
  <li>
   <a href="../courses/booking.html" title="How to book a place on a course" class="menu">Booking</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Study</h2>
  <ul class="mainnav">
  <li>
   <a href="../study/" title="Flexible, postgraduate study" class="menu">About</a>
  </li>
  <li>
   <a href="../study/awards.html" title="Academic awards" class="menu">Awards</a>
  </li>
  <li>
   <a href="../study/fees.html" title="University fees" class="menu">Fees</a>
  </li>
  <li>
   <a href="../study/apply.html" title="How to apply" class="menu">Applications</a>
  </li>
  <li>
   <a href="../study/collegiate.html" title="Collegiate University" class="menu">Colleges</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Resources</h2>
  <ul class="mainnav">
  <li>
   <a href="../handbook/" title="Handbook" class="menu">Handbook</a>
  </li>
  <li>
   <a href="../brochures/" title="Brochures" class="menu">Brochures</a>
  </li>
 </ul>



[an error occurred while processing this directive]