Higher Diploma in Cybersecurity Risk & Compliance (Higher Diploma in Cybersecurity Risk & Compliance)

Galway-Mayo Institute of Technology (HDipCyberSecurity)
Key Programme Details

Higher Diploma

NFQ Level

Level 8 About NFQ

Delivery Method



Full Time

ECTS Credits


General Information

Dr Seamus Dowling






Lifelong Learning Dept
GMIT Mayo Campus,​
Old Westport Rd.,​
Co. Mayo​


Programme Co-ordinator

Important Dates
Application Deadline


Start Date


End Date


About this Course

This Level 8 major award provides a pathway for professionals to upskill in the legal, technical and best practice concepts surrounding the implementation of cyber security risk and compliance within an organisation. The higher diploma has been developed in partnership with Hewlett Packard Enterprises (HPE) Cyber Defense Center. The modules, content and delivery have been created in collaboration with HPE to ensure that the required skillset is available to all organisations to implement cybersecurity risk and compliance.


This major award aims to educate IT practitioners in risks associated with protecting an organisation against cyber-attacks. Risk and compliance are key components of cybersecurity as organisations implement the necessary governance to fulfill its obligation to legal and ethical laws. IT and data security are realised through ongoing robust security measures implemented at the network and operating system level. Just as important is the protection of an organisation's data and is a concern for administration and technical staff. As well as the theoretical components of cybersecurity governance, techniques, standards, frameworks, data law and ethics, successful applicants will work to develop a risk compliance program for a real or theoretical organisation.

Entry Requirements

The minimum entry requirements are a Level 8 qualification.
GMIT is committed to the principles of transparency, equity and fairness in recognition of prior learning (RPL) and to the principle of valuing all learning regardless of the mode or place of its acquisition. Recognition of Prior Learning may be used to gain access to this programme in accordance with GMIT's Recognition of Prior Learning policy. Applicants for RPL will be provided with application guidance.

Long Description


1 - Data Protection - Law and Compliance
This module is designed to develop knowledge and competence in the area of Data Protection for undertakings in Ireland. The objective is to provide learners with the knowledge to ensure that the privacy rights of individuals are safeguarded in relation to the processing of personal data by organisations. There will be particular emphasis on the legal compliance of undertakings and the role of the Data Protection Officers and other related professionals.

2 - Cybersecurity Architecture
This module practically demonstrates measures and controls that an organisation can deploy to improve threat mitigation capabilities and ensure compliance with the relevant frameworks. Measures such as security infrastructure, server and cloud services, secure networks and encryption ensure organisations comply with legal and ethical standards and mitigate against risk.

3 - SIEM
Secure Information and Event Management explores the concept of, and software solutions associated with SIEM. SIEM provides and organisation with an overall view of what is happening on IT infrastructure in real-time and helps IT teams to be more proactive in the fight against security threats. SIEM is also a recognised industry acronym associated with cybersecurity. This module will examine data collection and forensics, user activity, alert management and reporting giving IT professionals the knowledge to respond quickly and efficiently to cyberattack incidences. The module also examine cybersecurity best practice implementations around the Mitre ATT&CK Framework and Lockheed Martin’s Cyber Kill Chain Model. Case studies examining the implementation of cybersecurity controls are an essential element of this module.

4 - Governance, Risk & Compliance (GRC)
This module introduces students to concepts of Information technology governance, and the major governance frameworks which organisations use to manage their IT operations efficiently, safely and with a high degree of security: COBIT, ITIL, COSO, and CMMI. Specifically, the module explains the elements of these frameworks relating to cybersecurity risk management, cognitive risk, and the International cybersecurity standards in use: ISO 27001/2/3, NIST-CSF, and HITRUST-CSF. The module examines in detail cybersecurity Risk categories, and quantitative and qualitative risk assessment techniques. Probabilities around attack likelihood, annual loss expectancy, and impact are calculated. Management, Technical and Operational risk mitigations are explained in terms of the MITRE ATT&CK and Lockheed Martin Kill Chain frameworks. Finally, generic industry and public service organisations: are examined: manufacturing, financial services (PCI DSS), healthcare (HL7), government; from the point of view of cybersecurity compliance/data protection regulations.

5 - Cybersecurity Risk & Compliance Project
This module provides an opportunity for the learner to conduct an independent piece of research or an innovative and creative design & development or a cybersecurity risk & compliance programme. The project will integrate their knowledge and experience from a social, technological and organisational perspective with a view to using the amalgam as the basis for identifying/building a solution to a problem in cybersecurity risk & compliance

Timetable Info

Blended delivery consisting of live (and recorded) online webinars and tutorials, implementations labs, online content and suggested reading and sample practice labs

Delivery Location

Castlebar, Mayo

Admissions Contact Details
Contact Person

Paula Barrett


Lifelong Learning Dept
GMIT Mayo Campus,​
Old Westport Rd.,​
Co. Mayo​