Thank you for sending your enquiry! One of our team member will contact you shortly.
Thank you for sending your booking! One of our team member will contact you shortly.
Course Outline
Introduction
- Overview of Security Policy Management
- Exploring objectives and benefits of IT security policies
- The lifecycle and stages of Security Policy Management
Initiating a Security Policy Program
- Establishing a security policy team
- Assessing organizational needs and business risks
- Understanding an organization's legal requirements
- Evaluating existing security software and tools
- Addressing the different levels of the organization
- Choosing the most appropriate Security Policy Management software
Designing a Comprehensive Security Policy Program
- Core objectives of a Security Policy: Confidentiality, Integrity, Availability
- Creating a policy development and implementation checklist
- Defining the objectives, scope, and goals of a Security Policy
- Establishing consequences for not following the rules
- Tying a Security Policy to industry regulations such as PCI DSS, HIPAA, SOX, GLBA, GDPR, etc.
Case Study: Adhering to Industry Regulations
- Financial, health and other government-regulated fields
- The importance of centralized forms and templates
Implementing Security Policies
- Addressing the critical areas of IT: hardware, software, network, data, and users
- Enforcing the rules and procedures for accessing IT assets and resources
- Delegating security roles and duties
- Restricting user access
- Maintaining separate policies for different departments within an organization
- Reading, accepting, and signing the Security Policy
- Distinguishing between Privacy Policy and Public Facing Policy
Communicating Security Policies
- Designing Security Policy learning materials
- Disseminating Security Policy information to employees and management
- Carrying out security training and workshops
- Updating and adapting the Security Policy
- Cultivating a "Security Culture" within an organization
Contingency Planning
- Responding to security attacks and failures
- Establishing maintenance and recovery strategies
- Responding to litigation "attacks"
Performing Security Testing and Review
- Performing scheduled reviews (yearly, bi-annually, etc.)
- Performing a formal audit
- Decommissioning obsolete hardware, software, data and processes
- Removing obsolete or redundant security policies
- Obtaining Security Policy Management certification
Summary and Conclusion
Requirements
- A general understanding of IT security and asset management
- Experience with security policy development and implementation
Audience
- IT administrators
- Security coordinators
- Compliance managers
Testimonials
I genuinely was benefit from the communication skills of the trainer.
Flavio Guerrieri
Loose way of driving
The delivery
- Department for Communities
Depth and breadth of the course. Trainer was excellent also.
- Department for Communities
Examples provided
- Department for Communities
Trainer's vast knowledge
FUJITSU TECHNOLOGY SOLUTIONS SP. Z O.O.
Loose way of driving
Related Courses
Cybersecurity Fundamentals
28 hours
Honeywell Security System
14 hours
Network Penetration Testing
35 hours
Open Authentication (OAuth)
7 hours
Public Key Infrastructure
21 hours
Security Management
14 hours
NB-IoT for Developers
7 hours