Course Outline
SEC703 Complex Cyber Investigations Management
Course Coordinator:Clive Harfield (charfiel@usc.edu.au) School:School of Science, Technology and Engineering
2026Semester 2
Online |
Online | You can do this course without coming onto campus, unless your program has specified a mandatory onsite requirement. |
Please go to unisc.edu.au for up to date information on the
teaching sessions and campuses where this course is usually offered.
What is this course about?
Description
Cyber investigation managers must plan and execute investigations into various genres of digitized deviancy, identifying and securing physical and witness evidence as well as digital evidence. Good management practice includes understanding digital deviancy; recognizing the demands of investigation as a profession; and managing processes such as systemic thinking, decision making, risk recognition, and resource allocation. This online course will introduce you to the complexities surrounding investigation decision-making processes, definitions of digital deviancy, as well as the limits and boundaries of investigative procedures and methodologies.
How will this course be delivered?
| Activity | Hours | Beginning Week | Frequency |
| Online | |||
| Online – The course is delivered via online materials and tutorial classes managed synchronously online. Learners are expected to spend 10-12 hours per week studying this course. | 10hrs | Week 1 | 13 times |
Course Topics
Managing a complex cyber investigation is not just about managing digital evidence acquisition. This course comprises three modules: 1- the problem; 2 – the profession; 3 – the processes.
MODULE 1 – The Problem
What should be investigated (cybercriminology)?
What should be investigated (strategic practice)?
MODULE 2 – The Profession
Is investigation a profession?
What ethical issues are engaged during an investigation?
How can investigation be managed ethically?
MODULE 3 – The Processes
How are risks and resources managed?
How are investigation decisions made?
What legal frameworks are engaged by investigation management?
What happens when an investigation reacehs the border?
How are internal investigations managed?
Course review
What level is this course?
700 Level (Specialised)
What is the unit value of this course?
12 units
How does this course contribute to my learning?
| Course Learning Outcomes On successful completion of this course, you should be able to... | Graduate Qualities Completing these tasks successfully will contribute to you becoming... | |
| 1 | Demonstrate understanding of professional investigation management and professional practice |
Knowledgeable Ethical |
| 2 | Demonstrate in-depth knowledge of the management of securing and presenting evidence relating to cybercrime and digital data integrity breaches. | Knowledgeable |
| 3 | Critically analyse the role of digital deviancy and its investigation in society including how each might be a source of criminal and/or social harm |
Knowledgeable Creative and critical thinker |
| 4 | Use decision-making and problem-solving |
Empowered Ethical |
| 5 | Communicate research and findings to specialist and non-specialist audiences. | Empowered |
Am I eligible to enrol in this course?
Refer to the UniSC Glossary of terms for definitions of “pre-requisites, co-requisites and anti-requisites”.
Pre-requisites
SEC701
Co-requisites
Not applicable
Anti-requisites
Not applicable
Specific assumed prior knowledge and skills (where applicable)
Students will be assumed to understand technology and its role in society. They will be expected to have a working knowledge of computer systems and networks.
Microcredential Information
Not applicable
How am I going to be assessed?
Grading Scale
Standard Grading (GRD)
| High Distinction (HD), Distinction (DN), Credit (CR), Pass (PS), Fail (FL). |
Details of early feedback on progress
Using marking rubrics, students will participate in continuous peer and self-assessment during tutorials
Assessment tasks
| Delivery mode | Task No. | Assessment Product | Individual or Group | Weighting % | What is the duration / length? | When should I submit? | Where should I submit it? |
| All | 1a | Quiz/zes | Individual | 10% | 10 multiple choice questions |
Week 4 | Online Test (Quiz) |
| All | 1b | Written Piece | Individual | 10% | 1000 words |
Week 4 | Online Assignment Submission with plagiarism check |
| All | 2 | Written Piece | Individual | 30% | 2000 words |
Week 6 | Online Assignment Submission with plagiarism check |
| All | 3 | Written Piece | Individual | 50% | 4000 written paper |
Week 13 | Online Assignment Submission with plagiarism check |
| All - Assessment Task 1a:Knowledge check quiz | |||||||
| Goal: | The goal of this task is to demonstrate knowledge and understanding of basic cybercriminology concepts introduced in the opening weeks of the course. |
||||||
| Product: | Quiz/zes | ||||||
| Authorship Statement: | |||||||
| Format: | Quiz |
||||||
| Criteria: |
|
||||||
| Generic Skills: | Applying technologies, Information literacy |
||||||
| All - Assessment Task 1b:Written piece | |||||||
| Goal: | The goal of this task is to demonstrate knowledge and understanding of basic cybercriminology concepts introduced in the opening weeks of the course. |
||||||
| Product: | Written Piece | ||||||
| Authorship Statement: | |||||||
| Format: | More information available on Blackboard Learning Management System |
||||||
| Criteria: |
|
||||||
| Generic Skills: | Communication, Organisation, Applying technologies, Information literacy |
||||||
| All - Assessment Task 2:Review of case study investigation management | |||||||
| Goal: | From a set text, learners will identify investigation management issues raised and identify how such behaviours might be manifested in a cyber investigation; what risks they might pose to the investigation; and what an investigation manager might do to prevent or resolve such problems. |
||||||
| Product: | Written Piece | ||||||
| Authorship Statement: | |||||||
| Format: | Written paper |
||||||
| Criteria: |
|
||||||
| Generic Skills: | Communication, Problem solving, Organisation, Information literacy |
||||||
| All - Assessment Task 3:Review of investigation management circumstances and needs | |||||||
| Goal: | For this task you are required to review the circumstances outlined in this complex investigation case-study scenario to answer the following questions: • what investigation management issues arise from these circumstances; • what are the potential sources of evidence and what investigation skills, technologies, methods, and protocols should be employed to secure this evidence; and • what systemic cybersecurity problems (if any) have been disclosed by these circumstances, and how should these be addressed? |
||||||
| Product: | Written Piece | ||||||
| Authorship Statement: | |||||||
| Format: | This assessment comprises a 4,000-word written paper reviewing a case-study scenario. |
||||||
| Criteria: |
|
||||||
| Generic Skills: | Communication, Problem solving, Organisation, Applying technologies, Information literacy |
||||||
Directed study hours
A 12-unit course will have total of 150 learning hours which will include directed study hours (including online if required), self-directed learning and completion of assessable tasks. Student workload is calculated at 12.5 learning hours per one unit.
Schedule
| Period and Topic | Activities |
n/a |
The planned schedule for this course comprises three modules: 1- the problem; 2 – the profession; 3 – the processes. MODULE 1 – The Problem Week 1 – What should be investigated (cybercriminology)? Week 2 – What should be investigated (strategic practice)? MODULE 2 – The Profession Week 3 – Is investigation a profession? Assessment 1 – quiz & short answer question Week 4 – What ethical issues are engaged during an investigation? Week 5 – How can investigation be managed ethically? Week 6 – Assessment 2 – written piece MODULE 3 – The Processes Week 7 – How are risks and resources managed? Week 8 – How are investigation decisions made? Week 9 - What legal frameworks are engaged by investigation management? Week 10 – What happens when an investigation reacehs the border? Week 11 – How are internal investigations managed? Week 12 – Course review Week 13 – Assessment 3 written piece based on investigation scenario |
What resources do I need to undertake this course?
Please note: Course information, including specific information of recommended readings, learning activities, resources, weekly readings, etc. are available on the course Canvas site– Please log in as soon as possible.
Prescribed text(s) or course reader
You need regular access to the resource(s) below. Many texts are available as ebooks through the Library at no additional cost.
| Required? | Author | Year | Title | Edition | Publisher |
| Recommended | Thomas HOLT, Adam BOSSLER & Kathryn SIEGFRIED-SPELLAR | 2018 | Cybercrime and Digital Forensics | n/a | Routledge |
| Recommended | Graeme Edwards | 2019 | Cybercrime Investigators Handbook | n/a | John Wiley & Sons |
| Recommended | Peter Stelfox | 2009 | Criminal Investigation | n/a | Willan Pub |
| Recommended | Robert Moore | 2010 | Cybercrime | n/a | Anderson Publishing |
| Recommended | Brett Shavers | 2013 | Placing the Suspect Behind the Keyboard | n/a | Syngress Press |
Specific requirements
This is an online course, therefore access to a computer and an a strong and stable internet connection is essential. To participate in the synchronous online tutorial classes conducted via video conference, it will be necessary for your computer ta be equipped with an in-built or peripheral webcam and microphone
How are risks managed in this course?
What administrative information is relevant to this course?
Assessment: Academic Integrity
Academic integrity is the ethical standard of university participation. It ensures that students graduate as a result of proving they are competent in their discipline. This is integral in maintaining the value of academic qualifications. Each industry has expectations and standards of the skills and knowledge within that discipline and these are reflected in assessment.
Academic integrity means that you do not engage in any activity that is considered to be academic fraud; including plagiarism, collusion or outsourcing any part of any assessment item to any other person. You are expected to be honest and ethical by completing all work yourself and indicating in your work which ideas and information were developed by you and which were taken from others. You cannot provide your assessment work to others. You are also expected to provide evidence of wide and critical reading, usually by using appropriate academic references.
In order to minimise incidents of academic fraud, this course may require that some of its assessment tasks, when submitted to Canvas, are electronically checked through Turnitin. This software allows for text comparisons to be made between your submitted assessment item and all other work to which Turnitin has access.
Assessment: Additional Requirements
Your eligibility for supplementary assessment in a course is dependent of the following conditions applying: The final mark is in the percentage range 47% to 49.4% The course is graded using the Standard Grading scale You have not failed an assessment task in the course due to academic misconduct.Assessment: Submission penalties
Late submission of assessment tasks may be penalised at the following maximum rate: - 5% (of the assessment task's identified value) per day for the first two days from the date identified as the due date for the assessment task. - 10% (of the assessment task's identified value) for the third day - 20% (of the assessment task's identified value) for the fourth day and subsequent days up to and including seven days from the date identified as the due date for the assessment task. - A result of zero is awarded for an assessment task submitted after seven days from the date identified as the due date for the assessment task. Weekdays and weekends are included in the calculation of days late. To request an extension you must contact your course coordinator to negotiate an outcome.Links to relevant University policy and procedures
For more information on Academic Learning & Teaching categories including:
- Assessment: Courses and Coursework Programs
- Review of Assessment and Final Grades
- Supplementary Assessment
- Central Examinations
- Deferred Examinations
- Student Conduct
- Students with a Disability
For more information, visit https://www.usc.edu.au/explore/policies-and-procedures#academic-learning-and-teaching
Student Charter
UniSC is committed to excellence in teaching, research and engagement in an environment that is inclusive, inspiring, safe and respectful. The Student Charter sets out what students can expect from the University, and what in turn is expected of students, to achieve these outcomes.
General Enquiries
- In person:
- UniSC Sunshine Coast - Student Central, Ground Floor, Building C, 90 Sippy Downs Drive, Sippy Downs
- UniSC Moreton Bay - Service Centre, Ground Floor, Foundation Building, Gympie Road, Petrie
- UniSC SouthBank - Student Central, Building A4 (SW1), 52 Merivale Street, South Brisbane
- UniSC Gympie - Student Central, 71 Cartwright Road, Gympie
- UniSC Fraser Coast - Student Central, Student Central, Building A, 161 Old Maryborough Rd, Hervey Bay
- UniSC Caboolture - Student Central, Level 1 Building J, Cnr Manley and Tallon Street, Caboolture
- Tel:+61 7 5430 2890
- Email:studentcentral@usc.edu.au