Governance, Security and GRC
governance · security · grc · risk · compliance · networking · systems · information · controls · impact · processes · program · regulatory.
This course provides a comprehensive and practical understanding of the principles, practices, and strategies necessary to excel in information security governance. It covers the differences between policies, procedures, processes, and standards; the concept of risk appetite and risk tolerance in relation to noncompliance; and the key components of an effective information security governance program.
Information security governance is the discipline of managing and protecting an organization's information assets from threats such as hackers, data breaches, and other forms of compromise. Without strong governance, personal data becomes exposed, organizational trust erodes, and the digital environment becomes significantly less safe. Governance exists to keep these risks in check through defined frameworks, processes, and accountability structures.
By asking the right questions and implementing foundational information security policies, an organization builds a defense-in-depth posture that protects its data like a fortress.
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
7 sections- 1 Table of Contents
- 2 Module 1: Introduction to Information Security Governance
- 3 Module 2: Risk and Regulatory Perspectives
- 4 Module 3: Establishing an Information Security Governance Program
- 5 Module 4: Governance Structures and Controls
- 6 Module 5: Interdepartmental Dependencies
- 7 Summary
More Governance, Risk & Compliance courses
View all 12Government Facilities: Specialized Engineering
government · facilities · specialized · engineering · governance · risk · compliance · networking · systems · security · controls · physical · assessing · dod · environmental · facility ·...
Information & Cyber Security: GRC and Risk Management
This course walked through a complete, practical approach to performing information and cybersecurity risk assessments across a business lifecycle, using a running cloud-migration case st...
Information Systems Operations and Business Resilience (ISACA CISA)
This domain — information systems operations and business resilience — is worth 26% of the CISA examination when combined with its companion operations-focused course. The business-resili...
Microsoft Security, Compliance and Identity Fundamentals
In IT, compliance is a set of digital security requirements and practices. Following compliance requirements helps ensure that a company's business processes are secure and that sensitive...
NIST Risk Management Framework (RMF)
The RMF is a process model consisting of seven clearly defined steps, each with specific associated activities. While it is often described sequentially, it is in fact an iterative model:...
Protection of Information Assets: Security Event Management (ISACA CISA)
Every technology, process, and policy in an organization must be monitored to confirm that the technology is functioning correctly, that policies remain current, and that procedures repre...
Interested in this course?
Contact us to book it or get a custom training plan for your team.