MGT519: Information Security Policy In-Depth
This course is the most in-depth coverage of information security policy ever developed. By the end of the course your head will be spinning. During this intensive two-day security-policy course, you will learn what security policy is (positive and negative tone); How to create consistent policies; how to balance the level of specificity to the problem at hand; the role of policy, awareness and training; the SMART approach to security policy development and assessment.
- Policy Establishes Bounds for Behavior
- Policy Empowers Users to do the Right Thing
- Should and Shall, Guidelines and Policy
- ISMS as Governing Policy
- Policy versus Procedure
- Policy Needs Assessment Process
- Organizational Assumptions, Beliefs and Values (ABVs)
- Relationship of Mission Statement to Policy
- Organizational Culture
- Using the Principles of Psychology to Implement Policy
- Applying the SMART to Policy
- How Policy Protects People, Organizations and Information
- Case Study, the Process to Handle a New Risk (Sexting)
- Policy Header Components and How to Use Them
- Issue Specific Policies
- Behavior Related Polices, Acceptable Use, Ethics
- Warning Banners
- Policy Development Process
- Policy Review and Assessment Process
- Wrapup, the Six Golden Nuggets of Policy
"I never realized there is so much to know about security policy."
"Any security manager, anyone assigned to review, write, assess or support security policy and procedure can benefit from this course."
Pencil and paper would suffice for the labs, but we recommend a laptop with a word processor. A CDROM is also highly recommended.
If you have additional questions about the laptop specifications, please contact email@example.com.
|Who Should Attend|
*CPE/CMU credits not offered for the SelfStudy delivery method