This course introduces students to the three key elements of risk management. Topics covered: risk analysis, risk assessment, and vulnerability assessment. Both quantitative and qualitative methodologies will be discussed as well as how security metrics can be modeled, monitored, and controlled. Several case studies will be used to demonstrate the risk management principles featured throughout the course. Risk assessments on the selected case study scenarios will be conducted by team work. Mitigation plans will be developed, and the results of their analysis will be presented, both in written reports and oral presentations. Ethical implications of security procedures will be studied as well.