About This Course
Information Security Management is the high-level discipline of protecting an organization’s digital assets through strategy, policy, and oversight. While engineers build the walls, managers decide where the walls go and how they are governed.
This course prepares you for leadership roles in security. You will learn to navigate international standards like ISO 27001, perform quantitative risk assessments, and develop robust security policies that align with business objectives.
Skills You Will Gain
Course Syllabus
Module 1: Information Security Governance
Understand the alignment of security with business goals. Learn about the roles of the CISO and security committees, and explore the legal and regulatory landscape of information protection.
Module 2: Risk Management Frameworks
Master the art of risk identification and mitigation. Learn to use the NIST Risk Management Framework and to perform both qualitative and quantitative risk analysis.
Module 3: Security Policies & Awareness
Learn to draft enforceable policies (AUPs, Password Policies, etc.). Understand the "Human Factor" and how to design effective security awareness training programs for employees.
Module 4: Compliance & Auditing (ISO 27001)
Deep dive into the ISO/IEC 27001 standard. Learn how to conduct internal audits, manage non-conformities, and prepare an organization for external certification.
Module 5: Incident Response & Business Continuity
Prepare for the inevitable. Learn to design Incident Response Plans (IRP) and Business Continuity Plans (BCP) to ensure the organization stays operational during and after a cyber disaster.