December 31, 2017
by CRC Press
ISBN 9781138080829 - CAT# OL001
The purpose of this course is to address the growing challenges of managing information security risks in enterprise and government organizations, prompted by the complexity and risks of today’s changing technological landscape, as well as increasingly demanding business aspirations. These challenges are further escalated by the inadequacies of existing risk management models and professional development approaches.
The course first explores the big picture, introducing the background, key terms, definitions, and need for information security management, in addition to providing an overview of how to achieve the best levels of security. It then identifies the problems associated with information security management and considers (through case studies) the ways in which various organizations can solve these problems. The last modules of the course present the tools and methods needed for achieving information security (including security operations protocol, internal control, and audits) as well as other comprehensive planning and management skills.
This course will be of great benefit to information security managers in companies and governmental organizations, in addition to CIO, CTO, and CSO risk analysts and professionals working with information security issues in the fields of policy and strategy.
Part 1: Introduction and Fundamentals
Part 2: Models, Frameworks, and Approaches
Part 3: Organization and People
Part 4: Risk Analysis and Assessments
Part 5: Internal Control, Audit, and Security
Part 6: Security Operations and Contingency Planning/Management