Information Security Governance and Risk Management

AGENDA

• Roles of individuals in securing information assets
• Planning and Protect organization’s information assets
• Policies management views
• Standards and procedures, to security administration
• Security awareness training
• Data classification
• Risk management practices and tools
• Evaluate company assets
• Identify and assess threats and vulnerabilities
• Calculate single and annual loss expectancy
• Ethical and regulatory requirements to protect privacy
• Data protection controls
• Preventing unauthorized access
• Audit system records and event logs
• Best practices for system security administration