Effective information security policy development which leverages existing organization policies and culture has a greater chance of being approved and successfully implemented. This two day course provides guidance on critical information security policy elements, communicating the policy organization-wide and executive reporting. A basic knowledge of the interaction between business units and the supporting business information systems will be helpful for the maximum benefit from the course. Information security policies are a critical element of any organization and are the foundation of its security program. Successful security policies are built with the understanding of the organization’s culture and reflect the business’s vision and mission. Without well-written policies, organizations will discover that they have little or no recourse when a security incident occurs.
This course explores the process of creating security policies, delving into their content and organization. It reviews standards and methodologies and evaluates example policies. In the workshop you will get hands-on experience developing and reviewing information security policies. You’ll examine your organization’s culture to understand how to evaluate policies which will be accepted and effective in your own company’s environment.
What You Will Take Home
- The tools to evaluate your own policies against your organizations needs.
- An architecture for building custom security policies for the organization.
- The skills to convince upper management to support and budget for security needs.
Who Should Attend
- Business managers, project managers, security managers and auditors. Everyone responsible for the protection of corporate resources needs to understand how policies are developed.
- Those who are responsible for creating and maintaining security policies.
- Firm understanding of the Windows Operating System
- Firm understanding of computer architecture concepts
- Grasp of the TCP/IP protocols