TOPICS

Course Outline
1. Domain 1: Security Leadership and Management
Understand Security’s Role in the Organization’s Culture, Vision, and Mission
Align Security Program with Organizational Governance
Define and Implement Information Security Strategies
Manage Data Classification
Define and Maintain Security Policy Framework
Manage Security Requirements in Contracts and Agreements
Develop and Maintain a Risk Management Program
Manage Security Aspects of Change Control
Oversee Security Awareness and Training Programs
Define, Measure, and Report Security Metrics
Prepare, Obtain, and Administer Security Budget
Manage the Security Organization
Understand Project Management Principles
2. Domain 2: Security Lifecycle Management
Manage the Integration of Security into the SDLC
Integrate New Business Initiatives into the Security Architecture
Define and Oversee Comprehensive Vulnerability Management Programs
3. Domain 3: Security Compliance Management
Validate Compliance with Organizational Security Policies and Procedures
Manage and Document Exceptions to the Compliance Framework
Coordinate with Auditors and Assist with the Internal and External Audit Process
4. Domain 4: Contingency Management
Oversee Development of Contingency Plans
Guide Development of Recovery Strategies
Manage Maintenance of the BCP and DRP plans
5. Domain 5: Law, Ethics, and Incident Management
Understand the Impact of Laws that Relate to Information Security
Develop and Manage the Incident Handling and Investigation Processes
Understand Management Issues as They Relate to the (ISC)2 Code of Ethic.