Information Security Management (Advanced)


Session Outline:

This session will provide detailed workshop discussion and case studies on key information security areas. We will focus on practical development and implementation of processes to manage governance, risk and compliance areas relating to information security within the enterprise.

Learning Objectives:

• Understand key information security governance requirements and practices
• Understand information security risks and processes to identify and manage risk within the organization
• Understand key risk mitigation strategies for current and emerging information security issues
• Develop and implementation key areas of an organizations information security program to mitigate risks to acceptable levels

Course Outline:

Day 1:
Information Security Governance
• Information Security Management Framework
• Information Security Frameworks and Standards (e.g. ISO27001/27002)
• Security Organization Components
• Information Security Policy and Standards
• Compliance Processes and Procedures

Information Security Management
• Performing Information Security Risk Assessments
• Case Study – Information Security Risk Assessment
• Dealing with emerging Security Issues (Cloud, BYOD, Mobile Devices, IoT)
• Security Architecture and Design
• Key Security Control Processes including Security Configuration; Vulnerability Assessment and Host-Based Compliance areas

Day 2:
Information Security Program
• Asset Classification and Control
• Personnel Security
• Physical and Environment Security
• Operational Security
• Logical Access Control
• Network Security
• Information Security Threats and Vulnerabilities
• Information Security Awareness
• Incident Response and Incident Handling
• Case Study – Incident Management
• Operating System Security (Focus on Windows, Unix and Linux)
• Database Security
• Virtualization Security
• Virus and Malicious Code Management
• E-mail, Messaging and Mobile Security
• Secure System Development and Maintenance
• Application System Security (including web application security)
• Disaster Recover and Business Continuity Planning
• Vendor Management including Service Providers and Cloud Services


  • When

  • Wednesday, December 14, 2016 - Thursday, December 15, 2016
    8:00 AM - 5:00 PM

  • Where

  • University of Phoenix - Tempe Campus
    1625 W Fountainhead Parkway
    Rooms 401/402
    Tempe, Arizona 85282

Outlook Outlook
iCal iCal
Google Google
Yahoo! Yahoo!