Effective cyber security managers must understand how to develop security policies that will be supported by executive management and adopted by all employees. This course covers security policies that can be used to help protect and improve an organization’s security posture.  It addresses the relationship between business drivers and information systems security policies.  We will analyze how security policies help mitigate risks and support business processes in various domains of a typical IT infrastructure.    

In the IT Security Policy and Assessment course we will examine the detailed steps that are required in developing cyber security policies and risk assessments.  We will explore related topics including security policy requirements, security policy frameworks, creation of security policies, implementation issues, and security policy controls.  We will examine modern cyber security regulations and frameworks and the different types of policy such as standards, guidance, plans, and procedures and how each are used in an organization’s security strategy.