Jan 16, 2022
CST 150W - Information Security Policies, Procedures, and FundamentalsCredits: 3
Covers terminology; security systems development and implementation; and legal, ethical, and professional issues. Provides knowledge and experience to develop and maintain security policies and procedures.
Prerequisite(s): READING LEVEL 3 and WRITING LEVEL 3
Lecture Hours: 30 Lab Hours: 15
Meets MTA Requirement: None
Outcomes and Objectives
- Describe characteristics and components of information systems security policy management.
- Describe what is information systems security.
- Describe what is information assurance.
- Understand why information system security policies are important.
- Understand why enforcing and winning acceptance for policies is challenging.
- Describe business drivers for information security policies.
- Discuss maintaining compliance.
- Describe mitigating risk exposure.
- Describe minimizing liability of the organization.
- Discuss implementing policies to drive operational consistency.
- Discuss U.S. compliance laws and information security policy requirements.
- Describe how these laws came about.
- Discuss who the laws protect.
- Describe aligning security policies and self-regulation.
- Discuss industry leading standards.
- Discuss information security policy implementation issues.
- Discuss human nature in the workplace.
- Discuss the importance of executive management support.
- Describe the role of human resources.
- Describe policy roles, responsibility, and accountability.
- Discuss how to design, implement, and update IT security policies.
- Discuss policies and standards design considerations.
- Describe considerations for implementing policies and standards.
- Describe maintaining your policies and standards library.
- Discuss best practices for policies and standards maintenance.
- Describe IT infrastructure security policies.
- Discuss the anatomy of an infrastructure policy.
- Describe workstation domain policies.
- Discuss best practices for IT infrastructure security policies.
- Discuss case studies and examples of IT infrastructure security policies.
- Describe Incident Response Team (IRT) Policies.
- Discuss IT security policy implementation and policy enforcement.
- Describe the implementation issues for IT security policies.
- Discuss security awareness policy implementations.
- Describe implementation dissemination.
- Discuss overcoming technical hindrances.
Add to Portfolio (opens a new window)