Information Security Manager: Information Security Governance

Governance is the driving force in managing an information security program and protecting information technology assets. In this course, you'll learn how governance directly affects security management, strategy, compliance, and the organization.
Course info
Rating
(25)
Level
Intermediate
Updated
Jul 31, 2017
Duration
4h 29m
Table of contents
Course Overview
Formulating Information Security Strategy
Integrating Information Security Governance Concepts
Writing Information Security Policies
Creating Business Cases
Influencing Security Strategy and Governance
Gaining Stakeholder Commitment
Information Security Management Roles and Responsibilities
Demystifying Security Metrics
Description
Course info
Rating
(25)
Level
Intermediate
Updated
Jul 31, 2017
Duration
4h 29m
Description

While protecting information assets is the primary goal of an information security program, governance sets the requirements for how the program must function within the compliance context. Organizations must operate their security programs in compliance with laws, regulations, policies, and standards. In this course, Information Security Manager: Information Security Governance, you'll gain solid foundational knowledge on the governance aspect of security, as well as skills you can use to effectively manage security compliance in your organization. First, you'll explore how both internal and external governance affect the organization, how information security strategy supports the mission and overall organizational strategy, and the different roles and responsibilities involved in the security program. Next, you'll learn how to write business cases to support security budgets and investments. Finally, you'll cover stakeholders and how to communicate the security strategy to them and gain their commitment to it. By the end of this course, you'll be well-versed in information security governance and how it affects an information security program.

About the author
About the author

Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts.

More from the author
More courses by Bobby Rogers