IT security management - define and implement a security policy
IT security management - defining and implementing a security policy
Training for decision-makers - IT security management, tasks and key elements
See also:
Managing the risks of an IT department
Planning and conducting internal audits in accordance with ISO19011
Data security in everyday life (information security in the workplace)
Overview of all IT training courses.
Description
Learning objective
You will learn to analyse corporate strategies and IT strategies, derive security requirements from them and develop an IT security strategy. Based on the IT security strategy, you will develop a guideline, a security concept as well as technical and organisational measures for IT security management. You will know the key elements of an information security management system (ISMS) and you will be able to define the necessary processes and guidelines for operational use.
The topics of sensitisation and risk awareness as well as the continuous improvement of IT security round off the training.
Intended audience
- Executive staff, senior staff of the IT department
- Information security officers (ISB)
- Data Protection Officer (DPO)
Recommended previous knowledge
- Previous knowledge of process engineering, IT security and benchmarking is helpful but not essential.
General information
Training details
- In-house training or in our training room (region Marburg, Hessen)
- Dates and duration: Flexible and depending on number of participants and previous knowledge
- Detailed training materials with a total of over 300 pages, incl. (German)
- Incl. access for the e-learning platform for the provision of electronic accompanying materials and e-learning content (German)
Training content (customisable).
Strategy and management system
- Strategies - corporate strategy and IT security strategy
- Information security management: models and standards
- Deriving security requirements from the corporate context
- Risks and risk appetite of the company
- Formulate a security policy and strategy based on the requirements
Key elements of an ISMS
- Policy, strategy and guidelines
- IT security organisation
- IT security policy
- IT security concept
IT security and personnel
- Staff security measures
- Security awareness concepts
- Working instructions / security policies
- Dealing with security incidents
Control IT security
- Basics of process and system control, internal control systems
- The PDCA model
- IT security audits
- Auditing security concepts
- Certification of an ISMS