This cybersecurity course goes deeper into security policy and implementation. A sound information security and cybersecurity program begins with a security policy generated by executive leadership. Security frameworks such as COBIT and the NIST Cybersecurity Framework are introduced.
Learning Objectives
- Describe information systems security (ISS), information assurance, and governance, and the importance of ISS policies.
- Recognize the relationship between business drivers and ISS policies.
- Identify the relationship between regulatory compliance requirements and ISS policies.
- Analyze how security policies help mitigate risks and support business processes in various domains of IT responsibility.
- Identify the role of an IT policy framework in meeting an organization's core values and business objectives.
- Describe different ISS policies.
- Describe issues related to ISS policy implementation and enforcement.
- Compare security policy framework components and approaches.
- Describe how to design, organize, implement, and maintain IT security policies.
- Describe the different issues related to defining, tracking, monitoring, reporting, automating, and organizing compliance systems and technologies.
Framework Connections
Specialty Areas
- Cybersecurity Management
- Program/Project Management and Acquisition
- Executive Cyber Leadership
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.