Part A: Information Security Program Development
- Information Security Program Overview
- Information Security Program Resources
- Information Asset Identification and Classification
- Industry Standards and Frameworks for Information Security
- Information Security Policies, Procedures and Guidelines
- Defining an Information Security Program Road Map
- Information Security Program Metrics
Part B: Information Security Program Management
- Information Security Control Design and Selection
- Information Security Control Implementation and Integration
- Information Security Control Testing and Evaluation
- Information Security Awareness and Training
- Integration of the Security Program with IT Operations
- Management of External Services and Relationships
- Information Security Program Communications and Reporting