Business and management aspects of information security: Legal and regulatory aspects; strategic planning process; security policies and management process for a secure information systems environment.
- Translate business goals and regulatory requirements into necessary Information Technology security responsibilities.
- Document security strategies as they relate to the business goals and objectives.
- Identify a series of standard security policies and apply the policies to achieve key security initiatives.
- Create a series of custom security policies applicable to specific business and regulatory environments, and explain the importance of the policies in achieving the necessary goals of the stated organizations.
- Identify key management roles in I.T. security, and explain the responsibilities of each individual in their role in security management.
- Verify the steps necessary in creating a secured management environment, with proper monitoring, alerting, notification, identification, and remediation tasks.
- Write an actual I.T Security Strategy document.