Course Brief

The aim of this course is to provide the student with a clear understanding of the importance of IT auditing in the context of a modern networked environment.  This course will cover many aspects of IT security auditing based around recognised standards e.g. ISO27001/2. This course will prove useful to IT security professionals currently working in medium and large organisations.

  1. Understand the security risks in information systems.

  2. Analyse the risk exposures of particular assets to particular threats.

  3. Choose and justify the choice of appropriate controls to deal with risks.

  4. Critically appraise the use of audit techniques to ensure appropriate use of controls

  5. Implement a practical audit strategy to identify, analyse and manage security risks in an active IT environment.

Audit process: planning, fieldwork, solutions, reporting, tracking, gap, root cause;

Audit methods: checklist, observation, interview, CAAT’s, peer/self/full, internal v external;

Sample audit examples: hardware, software, BCP;

IT Governance: Standards, ISO27002;

Audit Frameworks : COBIT, PCIDSS;

Legal aspects: Sarbanes-Oxley, Data Protection, Public Interest Disclosure;

Professional qualifications: CISA, CISSP.

  • MSc Operational Cyber Security


    The MSc Operational Cyber Security, awarded by the University of Greenwich, is structured to provide a viable option to graduates of:

    • Any degree from a science background, a Law or a business degree.
    • Any non-computer science subject with Upper Second Class Honours or above 
    • University of Greenwich's BSc (Hons) Computing and Information System with Upper Second Class Honours or above 
    • Mature applicants who demonstrate academic potential and work experience can also be assessed for eligibility.
    • Applicants with a similar level qualification may also be eligible for more information or email us at

    Students on the MSc Operational Cyber Security  will learn a wide range of practical and theoretical skills which will develop a sound knowledge of cyber security and its application in real life situations.


    Highlights at a glance

    • Pursue one module per month and pay as you go
    • Total duration - 2 years
    • All material provided digitally
    • Blended approach to learning with a combination of self study, online sessions and workshops

    Programme Content at a glance

    • Modern methods and techniques for cyber security, including penetration testing and IT auditing.
    • Basic concepts of networking, developing web applications, cyber security and risk management.
    • Techniques in cyber security, cyber physical security and forensics investigations.
    • The modern computing environment and software tools for a cyber security professional.
    • Specialised advanced topics in the area of security and its applications.
    • Research tools and techniques appropriate to the cyber security domain.

    At SBCS we focus on