This course introduces information security compliance and standards along with how they apply to corporate IT environments. Topics include ISO standards, government NIST frameworks, federal and state compliance requirements, security policies, incident response and business continuity planning. Upon completion, students should be able to apply compliance and availability requirements to corporate data enterprise scenarios.
Learning Objectives
1. Describe the role of information systems security (ISS) compliance in relation to organizations.
2. Explain specific U.S. compliance laws and standards, and how they affect IT operations.
3. Describe laws and guidelines that deal with computer-related security.
4. Explain the scope of an IT audit for compliance and the use of standards and frameworks.
5. Summarize compliance and explain why it is important.
6. Describe the components and basic requirements for creating an audit plan to support business and system considerations.
7. Describe the parameters required to conduct and report on an IT infrastructure audit for organizational compliance.
8. Create security policies and review policy audit findings.
9. Describe information security systems compliance requirements within the seven domains of an IT infrastructure.
10. Analyze software vulnerabilities and make purchasing recommendations based upon results.
11. Compare how devices and components found in the System/Application Domain contribute to compliance.
12. Describe the qualifications, ethics, and certification organizations for IT auditors.
13. Describe what makes up a code of conduct and a code of ethics.
14. Identify codes of ethics from various professional organizations.
15. Identify the components that make up a mature code of conduct and why organizations establish them.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Work Roles
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.