Without IT security policies, organizations have no framework that defines the proper and safe use of IT systems and data. In this course, Designing and Implementing Security Policies, you'll be exposed to security standards bodies, and how to create security policies based on recommendations from these standards bodies. First, you'll learn examples of implementing security settings based on security policy documentation. Next, you'll learn how to determine the finer details of security policies, including the use of specific security controls and the consequences of policy non-compliance. Finally, you'll gain insight on how technical controls can be interpreted and then implemented for policy compliance. By the end of this course, you'll have an understanding of how policy documents are laid out, and how to design and implement security policies within business and regulatory requirements.
Learning Objectives
- Identifying Security Standards and Bodies
- Designing Security Policies
- Implementing Security Policies
Framework Connections
Specialty Areas
- Strategic Planning and Policy
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.