Governance is the driving force in managing an information security program and protecting information technology assets. In this course, you'll learn how governance directly affects security management, strategy, compliance, and the organization.
While protecting information assets is the primary goal of an information security program, governance sets the requirements for how the program must function within the compliance context. Organizations must operate their security programs in compliance with laws, regulations, policies, and standards. In this course, Information Security Manager: Information Security Governance, you'll gain solid foundational knowledge on the governance aspect of security, as well as skills you can use to effectively manage security compliance in your organization. First, you'll explore how both internal and external governance affect the organization, how information security strategy supports the mission and overall organizational strategy, and the different roles and responsibilities involved in the security program. Next, you'll learn how to write business cases to support security budgets and investments. Finally, you'll cover stakeholders and how to communicate the security strategy to them and gain their commitment to it. By the end of this course, you'll be well-versed in information security governance and how it affects an information security program.
Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts.