event

Creating an Information Security Policy

Primary tabs

Information Security Policy is the fundamental and essential component of sound information security practice, and yet 60% of companies either have no policies or have policies that are out of date. Well formulated policy provides key high level descriptions of goals and expectations that are the basis for developing enterprise security procedures, mechanisms, controls, guidelines and standards needed for a comprehensive and effective information security program. This course provides the foundation skills for building an effective information security policy.

About The Course

This course will provide skills in how to determine policy needs and in developing, evaluating, and monitoring information security policies.

Who Should Attend

Managers, system and network engineers and administrators and consultants who are involved with the creation, review and maintenance of information security policies and procedures.

Prerequisites

Before beginning this course, you should understand and be conversant in the basic concepts of business information systems and information security.

Course Objectives

Information security policy issues, considerations, and recommended practices are addressed at increasing layers of complexity, beginning with the importance of corporate policies and who is responsible for them, followed by the life cycle for developing policies, types ands components of policies and policy maintenance issues including compliance and enforcement. At the successful completion of the course, you will be able to:

- Understand information security policy concepts
- Develop information security policy
- Utilize policy standards
- Maintain and review information security policies
- Plan for training and support

Status

  • Workflow Status:Published
  • Created By:Eric Huffman
  • Created:07/04/2006
  • Modified By:Fletcher Moore
  • Modified:10/07/2016