Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Enterprise Information Security Management: Tools
Rating: 4.3 out of 5(20 ratings)
163 students

Enterprise Information Security Management: Tools

Module 2: Strategies, Models, Frameworks, and Approaches
Last updated 1/2018
English

What you'll learn

  • Student will learn major measures organizations take to manage information security and solve information security problems.
  • After learning the course student can compare their own organization with conditions in the courses, to gain a better decission of what models, frameworks and approaches to take to achieve a better level secuirty in their organization.

Course content

9 sections88 lectures3h 32m total length
  • 1.1 Opening- Coverage and Learning Goals1:10

    Explore the models, frameworks, strategies, and approaches in enterprise information security management, and assess their pros and cons to design, plan, build, deploy, and operate an information security program.

  • 1.2 A Overview for Terms and Definitions0:50
  • 1.3 Approach, Strategy, Model, Framework2:50

    Explore how approaches, frameworks, strategies, and models guide information security management, with examples like Bell-LaPadula and Clark-Wilson, and a five-points framework for evaluating effectiveness.

  • 1.4 Three Major Frameworks3:58
  • 1.5 Policy, Standards, Guidelines, and Best Practices2:36

    Explain how policy, standards, guidelines, and best practices shape information security within organizations, from need-to-know access to ISO/IEC 27001, 27002, and 27005 guidance on risk management.

  • 1.6 Relationship between Policy, Standards, Guidelines, and Best Practices2:16
  • 1.7 Program, Projects and Plan2:31

    Explore how programs, projects, and plans align with strategy, detailing FLAM relationships, delivery via projects, and the role of performance metrics and security metrics in information security management.

Requirements

  • You should know basic concept of IT security and enterprise management.
  • You should have basic understanding on risk management.

Description

The purpose of this series course is to address the growing challenges of managing information security risks in enterprise and government organizations, prompted by the complexity and risks of today’s changing technological landscape, as well as increasingly demanding business aspirations. These challenges are further escalated by the inadequacies of existing risk management models and professional development approaches.

Similar to warfares,In information security, there are various strategies, frameworks, approaches, and models, that have been developed over the years, which could help practitioners design, plan, build, deploy, and operate an information security management program in organizations. In this part, we'll discuss how organizations use them.

By the end of this module, you should gain a level of understanding of the models, frameworks, strategies, and approaches applicable to enterprise information security management; discourse their pros and cons, and apply your learning to given scenarios and in your organizations.

Who this course is for:

  • Information Security Managers
  • CISO
  • CTO
  • Security Practitioners
  • Security Engineers
  • Compliance Managers
  • Risk Analysts
  • IT Auditors
  • IT Managers