Information Security Manager: Information Security Program Management
Information security management ensures systems and data are protected. In this course, you'll learn how information security management directly protects data, in a balance of security, functionality, compliance, and competing resources.
What you'll learn
Protecting information assets is the primary goal of an information security program, and information security management provides the oversight for the balance between resources, compliance, and security. Organizations must protect their information assets by establishing and maintaining an effective information security program, considering the organization’s mission, goals, infrastructure, and people. In this course, Information Security Manager: Information Security Program Management, you'll gain solid foundational knowledge on the program management aspect of security, as well as skills you can use to effectively protect assets in your organization. First, you'll learn how to develop internal governance, such as security policies, manage people and technology processes, and how to maintain an information security training program. Next, you'll explore how to audit third-party agreements and contracts. Finally, you'll discover how to monitor the performance of the information security program and report that information to the various stakeholders in the organization. By the end of this course, you'll be well-versed in information security program management and how it affects the organization’s information security assets.
Table of contents
- Organizational Strategy and Information Security 8m
- Organizational Business Processes and Functions 2m
- Information Security Requirements and Processes 6m
- Relationships Between Information Security and Business Functions 4m
- Integrating Information Security Requirements into Business Processes 5m
- Organizational Characteristics of Globomantics 4m
- Summary 1m
- Managing Security Resources 2m
- Security Resources and Budget 5m
- Security Resources Reporting 2m
- Security Budget at Globomantics 3m
- Managing Security Requirements 4m
- Security Requirements at Globomantics 3m
- Employing Resources Against Requirements 5m
- Considering Emerging Technologies 6m
- Considerations with Implementing Current or New Technologies at Globomantics 4m
- Summary 1m
- Defining Security Metrics 5m
- Security Metrics at Globomantics 1m
- Developing and Using KPIs 4m
- Developing and Using KPIs at Globomantics 4m
- Developing and Using KRIs 5m
- Developing and Using KRIs at Globomantics 2m
- Developing and Using KGIs 2m
- Developing and Using KGIs at Globomantics 2m
- Using Security Metrics to Determine Security Program Effectiveness 2m
- Summary 1m
- Understanding Organizational Stakeholders 6m
- Stakeholders at Globomantics 3m
- Understanding Stakeholder Information Needs 6m
- Understanding Stakeholder Information Needs at Globomantics 4m
- Organizational Communication Channels 3m
- Communicating Information Security 5m
- Communicating Information Security at Globomantics 2m
- Monitoring Information Security Performance 3m
- Getting Stakeholder Committment to Information Security 4m
- Obtaining Committment to Information Security at Globomantics 2m
- Summary 1m
About the author
Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts. He retired after 21 years in the U.S. Air Force, serving as a network security engineer and instructor, and has secured networks all over the world. Bobby has a master’s degree in information assura... more