Module 5 Overview

Theme

Controls and residual risk

Essential Question

How do mitigations change risk?

Module Components

  • Book prose: conceptual framing, domain scenario, methods, and failure modes

  • Assignment: evidence-backed production of a specific artifact

  • Slides: presentation sequence for seminar or lecture delivery

  • Narration: spoken version of the slide flow

  • Instructor notes: facilitation plan, discussion prompts, and grading cues

  • Rubric: criteria for evaluating the module artifact

  • Notebook: executable lab aligned with the module theme using synthetic asset risk records with exposure, vulnerability severity, control strength, threat activity, and business impact

Module Artifact

A cyber risk assessment package with scoring rationale, treatment plan, and executive dashboard, focused on controls and residual risk: map controls to residual risk estimates.

Professional Setting

Students work as if advising a cyber risk committee that is prioritizing mitigation across assets with different exposure and business value. Their work must be intelligible to the CISO, risk officer, system owner, auditor, and executive sponsor.