The aim of this module is to equip students with a comprehensive understanding of IT Governance, Risk, and Compliance (GRC). It focuses on the risk management process, including identifying, analyzing, and treating risks within established frameworks. Students will learn to monitor and report risks effectively while developing risk registers, all essential for managing IT-related risks in organizations, particularly in the context of cybersecurity. Key topics include GRC principles, IT governance frameworks like COBIT, risk management terminology, risk treatment strategies, and standards such as ISO 31000 and NIST. By the end of the module, students will have the skills to manage risks and ensure compliance with industry standards.