Examine the roles and security responsibilities of organizational staff, as well as effective communication and reporting techniques needed as part of an effective security governance framework.
CISM: Information Security Governance Part 2
- recognize the impact of internal and external influences
- obtain commitment from senior leadership and stakeholders by using key information
- specify the methods and considerations of senior leadership and stakeholder communication
- define the responsibilities of the InfoSec manager
- describe the types of organizational structures, lines of authority, and escalation points
- recognize information security responsibilities of staff across the organization
- recognize processes to monitor performance of InfoSec responsibilities
- describe reporting and communication channels
- work with key information security metrics
- define InfoSec governance
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.