-
Information Security Governance 8
-
Develop an Information Security StrategyLecture1.1
-
Align Information Security Strategy with Corporate GovernanceLecture1.2
-
Identify Legal and Regulatory RequirementsLecture1.3
-
Justify Investment in Information SecurityLecture1.4
-
Identify Drivers Affecting the OrganizationLecture1.5
-
Obtain Senior Management Commitment to Information SecurityLecture1.6
-
Define Roles and Responsibilities for Information SecurityLecture1.7
-
Establish Reporting and Communication ChannelsLecture1.8
-
-
Information Risk Management 7
-
Implement an Information Risk Assessment ProcessLecture2.1
-
Determine Information Asset Classification and OwnershipLecture2.2
-
Conduct Ongoing Threat and Vulnerability EvaluationsLecture2.3
-
Conduct Periodic BIAsLecture2.4
-
Identify and Evaluate Risk Mitigation StrategiesLecture2.5
-
Integrate Risk Management into Business Life Cycle ProcessesLecture2.6
-
Report Changes in Information RiskLecture2.7
-
-
Information Security Program Development 9
-
Develop Plans to Implement an Information Security StrategyLecture3.1
-
Security Technologies and ControlsLecture3.2
-
Specify Information Security Program ActivitiesLecture3.3
-
Coordinate Information Security Programs with Business Assurance FunctionsLecture3.4
-
Identify Resources Needed for Information Security Program ImplementationLecture3.5
-
Develop Information Security ArchitecturesLecture3.6
-
Develop Information Security PoliciesLecture3.7
-
Develop Information Security Awareness, Training, and Education ProgramsLecture3.8
-
Develop Supporting Documentation for Information Security PoliciesLecture3.9
-
-
Information Security Program Implementation 3
-
Information Security Program Management 9
-
Manage Information Security Program ResourcesLecture5.1
-
Enforce Policy and Standards ComplianceLecture5.2
-
Enforce Contractual Information Security ControlsLecture5.3
-
Enforce Information Security During Systems DevelopmentLecture5.4
-
Maintain Information Security Within an OrganizationLecture5.5
-
Provide Information Security Advice and GuidanceLecture5.6
-
Provide Information Security Awareness and TrainingLecture5.7
-
Analyze the Effectiveness of Information Security ControlsLecture5.8
-
Resolve Noncompliance IssuesLecture5.9
-
-
Incident Management and Response 9
-
Develop an Information Security Incident Response PlanLecture6.1
-
Establish an Escalation ProcessLecture6.2
-
Develop a Communication ProcessLecture6.3
-
Integrate an IRPLecture6.4
-
Develop IRTsLecture6.5
-
Test an IRPLecture6.6
-
Manage Responses to Information Security IncidentsLecture6.7
-
Perform an Information Security Incident InvestigationLecture6.8
-
Conduct Post-Incident ReviewsLecture6.9
-
