Legal services
Study-unit Code
Law and technologies
Stefania Stefanelli
  • Stefania Stefanelli
  • 42 ore - Stefania Stefanelli
Course Regulation
Coorte 2022
Type of study-unit
Opzionale (Optional)
Type of learning activities
Attività formativa monodisciplinare
Language of instruction
Risk supervision and management encompass a wide range of hazards, including market risks, operational risks, risks arising from competition, financial risks, reputational risks, and compliance risks, to name just a few. In this specific case, the focus will be on risk management and assessment in the ICT field
Reference texts
S. Stefanelli, Diritto civile del digitale, Ali&no ed., Perugia, 2023 Support materials for the lessons are made available on UniStudium. Additional materials are provided by the instructor
Educational objectives
The students will acquire the key principles of IT risk management, which include risk identification, risk analysis, risk assessment, and the risk management process. This involves an understanding of the identification of vulnerabilities and threats, the assessment of the impact on business operations, and the mechanisms for risk mitigation.
It is necessary, for the purpose of understanding the topics of the course, the possession of the basic notions of computer science, the ability to use fundamental programs such as those for online communications and word processing.
Teaching methods
Face-to-face, practical training, seminars, Seminar lectures with audiovisual material
Other information
Students enrolled in the Law degree program, whose exam accounts for 3 ECTS credits, will focus only on points no. 4, 5, 6, 7, and 10 of the program
Learning verification modality
The examination consists of an oral test; the questions are based on the program outlined by the instructor in the relevant syllabus, taking into account the knowledge of the subject, the use of appropriate technical language, reasoning ability, logical argumentation, and learning of the methodology. The duration of the exam varies according to the progress of the test.
For those attending the course, different evaluation methods may be established, including subsequent stages of the same exam, which can be conducted individually or in groups. In this case, the recognition and evaluation of individual contributions must be ensured. The goal could be the realization of specific projects, determined and assigned by the instructor. Additionally, for attendees, the oral exam may consist of a multiple-choice test (with at least 20 questions).
Extended program
1 - Risk and safety
2 - International standards on risk management
3 - Risk areas
4 - Tools of the Codice dell’Amministrazione Digitale
5 - Risk in different regulatory disciplines (anti-corruption, GDPR, and corporate responsibility)
6 - OpenData and F/OSS
7 - Cyber risk
8 - EU actions to protect digital risks
9 - Regulation of artificial intelligence systems and risk
10 - Algorithms
11 - The phases of risk management and the PDCA cycle
12 - Analysis of the external and internal context
13 - Risk analysis and evaluation
14 - Quantitative and qualitative methods
15 - Monitoring and review of prevention measures
16 - Automated auditing systems
17 - National and international frameworks for cybersecurity

Code A002875
Location PERUGIA
Teacher Stefania Stefanelli
Learning activities Caratterizzante
Area Discipline giuridiche d'impresa e settoriali
Academic discipline ING-INF/05
Type of study-unit Opzionale (Optional)

Code A002875
Location PERUGIA
Teacher Stefania Stefanelli
Learning activities Caratterizzante
Area Discipline giuridiche d'impresa e settoriali
Academic discipline ING-INF/05
Type of study-unit Opzionale (Optional)
Condividi su