IT Security Planning
-
IT Security planning is essential to any organization. The development, appreciation, and expression of the IT security strategy and plan are the single most important factors in setting the security tone for an organization.
If you try to achieve a level of security that is too ambitious and inappropriate for the organization, you will not retain support from management. They will soon see that you are pumping money and head-count where it is not effective. Yet unless you take a high-level, whole organization approach, you will never obtain the backing or the funding to enforce any policy you write.
The strategic planning process for the whole enterprise considers several key factors. The IT security planning process should consider the same factors—which is not surprising, since it is fundamentally the same process, only focused on information security.
1. Introduction to the course syllabus
This document provides the detailed outline of the IT Security Planning 5-day course. You will be provided you with:
- Course syllabus
- Presentation material
- Exercise material
IT Security planning is essential to any organization. The development, appreciation, and expression of the IT security strategy and plan are the single most important factors in setting the security tone for an organization.
If you try to achieve a level of security that is too ambitious and inappropriate for the organization, you will not retain support from management. They will soon see that you are pumping money and head-count where it is not effective. Yet unless you take a high-level, whole organization approach, you will never obtain the backing or the funding to enforce any policy you write.
The strategic planning process for the whole enterprise considers several key factors. The IT security planning process should consider the same factors—which is not surprising, since it is fundamentally the same process, only focused on information security.
2. Course preparation
There are no preparation or prerequisites for this course.
3. Administrative and logistical activities
There is no specific administrative nor logistical activities for this course.
4. Target group
The target group of the IT Security Planning training is drawn from:
- Security experts
- Business continuity managers
- Members of business continuity teams
- Crisis response team leaders and members
- Owners of small- and medium sized enterprises (SMEs)
- Individuals seeking to ensure the continuity of essential processes in an organization during a security breach
- Owners, managers, and leaders seeking to ensure the safety and well-being of their employees and the organization
5. Benefits of this training
Attending the IT Security Planning training will help you to understand:
- How to develop a vision, organizational goals and policies
- How to assess and develop an IT security policy
- How to identify security gaps and how to mitigate them
- How to develop competencies in IT security
- How to implement strategic management practices
6. Course objectives
This training course is intended to help participants understand and become familiar with the different concepts with regard to IT Security Planning and find out how to prepare for and respond to potential security threats or vulnerabilities.
The following are the course objectives:
- Developing a vision, organizational goals and policies
- IT security policy assessment and development
- Security gaps and how to mitigate future vulnerabilities
- Develop competencies in IT security leadership and leadership development, developing members and managing members
- How to implement strategic management through confirmatory exercises.
This training course is based on the good practices commonly used in ISO standards and other best practice guidelines provided by several local and international organizations.
7. Delivery method
6.1 Educational alternatives
This course was designed so that it makes use of the following educational alternatives:
- Deduction: Using anecdotes and examples, the training presents use cases before the concepts have even been The students deduct the learning from their own analysis. The topic and its concepts are presented afterwards to demonstrate how theory applies to what was deducted.
- Questioning: Asking questions forces participants to stop and think about different variables. It also enables the participants to put the newly acquired knowledge to the Quizzes have been incorporated as part of the training to make sure that the concepts are well understood by the participants.
- Demonstrating: Some use cases have been incorporated to the training AFTER the These serve to explain a cause and effect relationship using the newly acquired knowledge.
8. Session plans
The following provides individual session objectives for the different modules covered in the training.
Course Outline:
Module 0 – Training course objectives and structure
Module 1 – Developing a vision, organizational goals and policies
Module 2 – IT security policy assessment and development
Module 3 – Security gaps and how to mitigate future vulnerabilities
Module 4 – Develop competencies in IT security
Module 5 – How to implement strategic IT security management
Module 6 – Closing of the training course
For more information, please see the IT-Security-Planning-course-syllabus-V1.0.pdf
IT Security Planning