Course Objectives

• This Course Objective Hasn't Been Provided Yet

Target Audience

This course is ideal for members of information security management teams, IT managers, security and systems managers, information asset owners and employees with legal compliance responsibilities.

• Information Security Management Principles
  • Concepts and Definitions
• Information Risk
  • Threats
  • Vulnerabilities
  • Risk Management
• Information Security Framework
  • Organizations and responsibilities
  • Organizational policy, standards, and procedures
  • Information security governance
  • Information assurance program implementation
  • Security incident management
  • Legal frameworks
  • Security standards and procedures
• Security Lifecycle
  • The information life cycle
  • Testing, audit, and review
  • Systems development and support
• Procedural / People Security Controls
  • General controls
  • People security
  • User access controls
  • Training and awareness
• Technical Security Controls
  • Technical security
  • Protection from malicious software
  • Networks and communications
  • Operational Technology
  • External services
  • Cloud computing
  • IT infrastructure
• Physical and Environmental Security Controls
  • Physical Security
  • Different uses of controls
• Disaster Recovery (DR) and Business Continuity Management (BCM)
  • Relationship between DR/BCP, risk assessment and impact analysis
  • Resilience and redundancy
  • Approached to writing plans and implementing plans
  • The need for documentation, maintenance, and testing
  • The need for links to managed service provision and outsourcing
  • The need for secure off-site storage of vital material
  • The need to involve personnel, suppliers, and IT systems providers
  • Relationship with security incident management
  • Compliance with standards
• Other Technical Aspects
  • Investigations and forensics
  • Role of cryptography
  • Threat intelligence

This course hasn't been scheduled yet, however you can request for In-House training