Information Security Governance

The course covers basics of Information Security Governance, Security Governance vs. IT Governance, regulatory requirements for information security, the needs and benefits of the governance approach, Information Security Governance program and its deliverables, establishing the ISG processes in the organization, aligning the ISG to the organization’s strategy and goals, the associated roles and responsibilities, maturity models for the governance framework, the related Standards, Governance Codes and Bodies of Knowledge, Offshoring and Outsourcing impacts to Security Governance, developing and managing the Security Metrics, developing and achieving the Security Compliance, establishing risk management objectives and framework, reporting the ISG and effectively working with various stakeholders, e.g. internal and external auditors, legal officers, business owners. The course includes real-life case studies and also addresses the different influences of different industries as well as different legalizations on the Information Security Program.