IT security management - define and implement a security policy

IT security management - defining and implementing a security policy

Training for decision-makers - IT security management, tasks and key elements

See also:
Managing the risks of an IT department
Planning and conducting internal audits in accordance with ISO19011
Data security in everyday life (information security in the workplace)
Overview of all IT training courses.

Description

Learning objective

You will learn to analyse corporate strategies and IT strategies, derive security requirements from them and develop an IT security strategy. Based on the IT security strategy, you will develop a guideline, a security concept as well as technical and organisational measures for IT security management. You will know the key elements of an information security management system (ISMS) and you will be able to define the necessary processes and guidelines for operational use.
The topics of sensitisation and risk awareness as well as the continuous improvement of IT security round off the training.

Intended audience

Executive staff, senior staff of the IT department
Information security officers (ISB)
Data Protection Officer (DPO)

Recommended previous knowledge

Previous knowledge of process engineering, IT security and benchmarking is helpful but not essential.

General information

Training details

In-house training or in our training room (region Marburg, Hessen)
Dates and duration: Flexible and depending on number of participants and previous knowledge
Detailed training materials with a total of over 300 pages, incl. (German)
Incl. access for the e-learning platform for the provision of electronic accompanying materials and e-learning content (German)

Training content (customisable).

Strategy and management system

Strategies - corporate strategy and IT security strategy
Information security management: models and standards
Deriving security requirements from the corporate context
Risks and risk appetite of the company
Formulate a security policy and strategy based on the requirements

Key elements of an ISMS

Policy, strategy and guidelines
IT security organisation
IT security policy
IT security concept

IT security and personnel

Staff security measures
Security awareness concepts
Working instructions / security policies
Dealing with security incidents

Control IT security

Basics of process and system control, internal control systems
The PDCA model
IT security audits
Auditing security concepts
Certification of an ISMS

	Imprint	Privacy statement
	Sitemap	Disclaimer
	Last update: April 10, 2024 - Site built with MkDocs. ©1998-2024 Fred Van Gestel