This cybersecurity course goes deeper into security policy and implementation. A sound information security and cybersecurity program begins with a security policy generated by executive leadership. Security frameworks such as COBIT and the NIST Cybersecurity Framework are introduced.
Learning Objectives
Describe information systems security (ISS), information assurance, and governance, and the importance of ISS policies.
Recognize the relationship between business drivers and ISS policies.
Identify the relationship between regulatory compliance requirements and ISS policies.
Analyze how security policies help mitigate risks and support business processes in various domains of IT responsibility.
Identify the role of an IT policy framework in meeting an organization's core values and business objectives.
Describe different ISS policies.
Describe issues related to ISS policy implementation and enforcement.
Compare security policy framework components and approaches.
Describe how to design, organize, implement, and maintain IT security policies.
Describe the different issues related to defining, tracking, monitoring, reporting, automating, and organizing compliance systems and technologies.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas