The Ultimate goal: To manage Information Security Governance and Risk Management

Title: The Ultimate goal: To manage Information Security Governance and Risk Management
Presenter: James D. Reeves | Senior Professional Staff II at Johns Hopkins University Applied Physics Laboratory

Description: This Common Body of Knowledge Workshop is one where “the rubber meets the road.†In this workshop we will discuss the means for managing security for information assets with policy, standards, procedures and guidelines, and the means for assessing and where necessary, mitigating the risk to your organization’s information assets.The Information Security Governance and Risk Management domain entails the identification of an organization’s information assets and the development, documentation, implementation and updating of policies, standards, procedures and guidelines that ensure confidentiality, integrity, and availability. Management tools such as data classification, risk assessment, and risk analysis are used to identify threats, clarify assets, and to rate their vulnerabilities so that effective security measures and controls can be implemented.The Cyber Security certification candidate needs to understand security planning, identifying and securing organization’s information assets; the development and use of security policies, security training, the importance of confidentiality, proprietary and private information; third party management and service level agreements related to information security; employment agreements, employee hiring and termination practices, and risk management practices and tools to identify, rate, and reduce the risk to specific information resources.

Watch Now
[stm_sidebar sidebar_id=”3085″]