Information security management ensures systems and data are protected. In this course, you'll learn how information security management directly protects data, in a balance of security, functionality, compliance, and competing resources.
Protecting information assets is the primary goal of an information security program, and information security management provides the oversight for the balance between resources, compliance, and security. Organizations must protect their information assets by establishing and maintaining an effective information security program, considering the organization’s mission, goals, infrastructure, and people. In this course, Information Security Manager: Information Security Program Management, you'll gain solid foundational knowledge on the program management aspect of security, as well as skills you can use to effectively protect assets in your organization. First, you'll learn how to develop internal governance, such as security policies, manage people and technology processes, and how to maintain an information security training program. Next, you'll explore how to audit third-party agreements and contracts. Finally, you'll discover how to monitor the performance of the information security program and report that information to the various stakeholders in the organization. By the end of this course, you'll be well-versed in information security program management and how it affects the organization’s information security assets.
Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts.
Course Overview Hi everyone. My name is Bobby Rogers, and welcome to the Information Security Manager: Information Security Program Management course. I'm a cybersecurity analyst, and I work as a contractor securing information systems and data for the U. S. government, specializing in cyber risk management. You've all seen the headlines in the news about data breaches and information technology incidents. Have you ever wondered how these things happen, and why some people just don't secure their networks? Even if it's a security flaw in the system, you can almost always trace the problem back to a lack of security program management in the organization. That's why we've produced this course that covers how to manage an information security program in your organization. We're going to talk about the major things you need to know in order to effectively manage all the aspects of information security within your company or business. Some of the major topics that we will cover include security processes, managing security resources, security governance, and metrics. By the end of this course, you'll understand what it takes to manage information security in a business, and how critical that role is in protecting data and systems from a variety of potential security risks. Before beginning the course, you should be familiar with basic security concepts and terminology such as confidentiality, integrity, and availability, as well as authentication and authorization concepts. I hope you'll join me on this journey to learn security management with the Information Security Manager: Information Security Program Management course from Pluralsight.