Business and management aspects of information security: Legal and regulatory aspects; strategic planning process; security policies and management process for a secure information systems environment.
Learning Objectives
- Translate business goals and regulatory requirements into necessary Information Technology security responsibilities.
- Document security strategies as they relate to the business goals and objectives.
- Identify a series of standard security policies and apply the policies to achieve key security initiatives.
- Create a series of custom security policies applicable to specific business and regulatory environments, and explain the importance of the policies in achieving the necessary goals of the stated organizations.
- Identify key management roles in I.T. security, and explain the responsibilities of each individual in their role in security management.
- Verify the steps necessary in creating a secured management environment, with proper monitoring, alerting, notification, identification, and remediation tasks.
- Write an actual I.T Security Strategy document.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cybersecurity Management
- Strategic Planning and Policy
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.