Ceny nie zawierają podatku VAT
Szkolenie w języku polskim. Na życzenie możliwy język angielski.
Last updated
Kod kursu
securitypolicymanagement
Czas trwania
35 godzin
szkolenie zdalne: 5 lub 10 dni
szkolenie stacjonarne: 5 dni
Wymagania
- A general understanding of IT security and asset management
- Experience with security policy development and implementation
Audience
- IT administrators
- Security coordinators
- Compliance managers
Opis
Security policy management is the process of assessing, designing, and implementing rules and procedures at all levels of the organization to protect IT assets and resources.
This instructor-led, live training (online or onsite) is aimed at IT administrators, security coordinators, and compliance managers who wish to identify, evaluate, and implement security policy management methods for their organization.
By the end of this training, participants will be able to develop, manage, and monitor security policies to protect their organization's information, network, and physical and software assets.
Format of the Course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Plan Szkolenia
Introduction
- Overview of Security Policy Management
- Exploring objectives and benefits of IT security policies
- The lifecycle and stages of Security Policy Management
Initiating a Security Policy Program
- Establishing a security policy team
- Assessing organizational needs and business risks
- Understanding an organization's legal requirements
- Evaluating existing security software and tools
- Addressing the different levels of the organization
- Choosing the most appropriate Security Policy Management software
Designing a Comprehensive Security Policy Program
- Core objectives of a Security Policy: Confidentiality, Integrity, Availability
- Creating a policy development and implementation checklist
- Defining the objectives, scope, and goals of a Security Policy
- Establishing consequences for not following the rules
- Tying a Security Policy to industry regulations such as PCI DSS, HIPAA, SOX, GLBA, GDPR, etc.
Case Study: Adhering to Industry Regulations
- Financial, health and other government-regulated fields
- The importance of centralized forms and templates
Implementing Security Policies
- Addressing the critical areas of IT: hardware, software, network, data, and users
- Enforcing the rules and procedures for accessing IT assets and resources
- Delegating security roles and duties
- Restricting user access
- Maintaining separate policies for different departments within an organization
- Reading, accepting, and signing the Security Policy
- Distinguishing between Privacy Policy and Public Facing Policy
Communicating Security Policies
- Designing Security Policy learning materials
- Disseminating Security Policy information to employees and management
- Carrying out security training and workshops
- Updating and adapting the Security Policy
- Cultivating a "Security Culture" within an organization
Contingency Planning
- Responding to security attacks and failures
- Establishing maintenance and recovery strategies
- Responding to litigation "attacks"
Performing Security Testing and Review
- Performing scheduled reviews (yearly, bi-annually, etc.)
- Performing a formal audit
- Decommissioning obsolete hardware, software, data and processes
- Removing obsolete or redundant security policies
- Obtaining Security Policy Management certification
Summary and Conclusion
Opinie uczestników
We also do Consultancy!
Security Policy Management Consultancy
We work with leading clients across a wide range of technologies!
Reach out for Project | Staff Enhancement | System Audit Consulting
