Skip to main content

IV2023 Value Based Risk Management 7.5 credits

This advanced course in IS/IT Risk Management focuses on the need of a shareholder perspective in order to cost-effectively secure shareholder value against IS/IT perils.

Course offering missing for current semester as well as for previous and coming semesters
Headings with content from the Course syllabus IV2023 (Autumn 2009–) are denoted with an asterisk ( )

Content and learning outcomes

Course contents

• Introduction to the concept of Shareholder Value
• Understanding of sourcing strategies (outsourcing and offshoring)
• Integration of security services and mechanisms in sourcing strategies
• Apply a Business-Driven Enterprise Security Architecture

Intended learning outcomes

This course in IS/IT Risk Management focuses on the need to move information security from a cost to an asset. In order to be able to transform security from a cost center to a profit center, it is a precondition to understand business contexts in general and the sourcing strategies (outsourcing and offshoring) in particular.

Course disposition

Your assignment for the course will be to deliver a project proposal for business driven security architecture. The assignment shall be based on a project (with some modifications) to offshore a Fortune 100 company’s IT operations to an offshore supplier in Bangalore, India.

Language: English

Literature and preparations

Specific prerequisites

Course in security informatics on level C or D (year 3-5).

Recommended prerequisites

Security Management: 2I1506/IV2022/2I1050/IV2000


Medical security informatics: 2I1072/IV1005


No information inserted



Sherwood et al: Enterprise Security Architecture – A Business Driven Approach, CMP Books, 2005, 1-57820-318-x

The report “India and China – from an Information Security Perspective”, C Magnusson, the Confederation of Swedish Enterprise, 2006-09.
The report "Corporate Governance, Internal Control and Compliance - From an Information Security Perspective", the Confederation of Swedish Enterprise, September 2007.
The reports can be downloaded from the web of the Confederation of Swedish Enterprise.

Examination and completion

If the course is discontinued, students may request to be examined during the following two academic years.

Grading scale

A, B, C, D, E, FX, F


  • PRO1 - Assignments, 7.5 credits, grading scale: A, B, C, D, E, FX, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

Opportunity to complete the requirements via supplementary examination

No information inserted

Opportunity to raise an approved grade via renewed examination

No information inserted


No information inserted

Ethical approach

  • All members of a group are responsible for the group's work.
  • In any assessment, every student shall honestly disclose any help received and sources used.
  • In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

Further information

Course web

No information inserted

Offered by

ICT/Communications Systems

Main field of study

No information inserted

Education cycle

Second cycle

Add-on studies

No information inserted


Christer Magnusson,, 08-6747239