| |
|
| |
|
| Course
Title: |
Writing Security
Policy to ISO17799 / 27001 |
| Code: |
ISPOL/152 |
| Dates: |
See
Course Schedule |
| Duration: |
2 Days |
| Fee: |
Contact us for
current prices |
| Description: |
This course examines
how to create a flexible security policy that
can change with requirements and maintain its
operational health with mechanisms to combat the
human weaknesses of the security process.
Delegates will take away working documents that
they can apply to their organisation.
These include:
- An executive briefing on best practice security
policy
- Their own design for a policy template
- Policies for more than 20 main areas of
security that will work in their company
- An implementation plan for their company
|
| Objectives: |
To give the students
knowledge of what is involved in writing security
policies and examples customised for their
own situations. |
| Target Audience: |
Anyone who has
a security responsibility within his or her organization
will gain from this course. |
| Prerequisites: |
A ground understanding
of Information Security issues. |
| Course Synopsis: |
Writing
Security Policy
ISO17799 / 27001 and
IT Security
Defining a Security
Policy
Corporate Information
Security Policy
Specific policies including
:
- Information classification
- Access control
- Operations
- Incident management
- Physical security
- Human resources
- Third-party access
- Business continuity management
Standards
- Industry best practice
- Experience
- Business drivers
- Internal testing
Procedures
- Incident Reporting
- Incident Management
- User ID addition/removal
- Server backup
Document Structure
- Suggested headings for internal policies
Other Standards
- Sources of Information
Authorisation, Implementation and Operation
of Security Policies
|
|
|
