Security and Risk Management

Course Description

Covers the role of governance and risk management in information security. It looks at the policies and standards that are needed to operate an effective information security function and to oversee good information security practices. Includes a review of how modern organizations manage information security risks and how to conduct a risk analysis. Examines the process for providing information security training and education.

Learning Outcomes

After completing this course, the learner should be able to:

• Discuss the concept of security governance and understand the job of overseeing data security
• Describe the role of policy and procedure documents in information security
• Understand the key principles and terminology of information security governance and risk management
• Discuss different management practices for overseeing an effective information security function
• Identify common information security risks and threats
• Describe the process for conducting a risk assessment
• Understand the data classification process and properly classify data according to security needs
• Explain the process for providing information security training and education