Compliance and Operational Security Scenarios

This course contains a discussion of the role of security governance and risk management in information security. It looks at the policies and standards that are needed to operate an effective information security function and to oversee good information security practices. This course also features a number of fictional scenarios based on compliance and operational security to allow you to practice the concepts learned in the material. This course requires some basic understanding of IT concepts. Learning Outcomes Discuss the foundational concepts of security governance (the CIA triad) and understand the job of overseeing data security Describe the role of policies, procedures, standards, and guidelines in information security Understand the types of security controls that an organization can employ and the concept of defense Discuss ethical, regulatory, and privacy issues as they relate to information security Discuss different management practices for overseeing an effective information security function Identify common information security risks and threats Describe the process for conducting a risk assessment Identify the purpose and components of a disaster recovery plan and business continuity Understand the role of auditing and testing in information security governance Identify common threats and vulnerabilities Provide appropriate guidance in response to real-world scenarios that highlight compliance and operational security problems