Cybersecurity Planning and Management (2020)

From CyberEdWiki
Jump to: navigation, search

The intent of the Cybersecurity Planning and Management Knowledge Unit is to provide students with the ability to develop plans and processes for a holistic approach to cybersecurity for an organization.


After completing the KU, students will be able to:

  1. Assess the placement of security functions in a system and describe the strengths and weaknesses.
  2. Formulate contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
  3. Create system specific plans for:
    • The protection of intellectual property
    • The implementation of access controls
    • Patch and change management
  4. Outline and evaluate the roles of personnel in planning and managing security, including:
    • The Board of Directors
    • Senior Management
    • The Chief Information Security Officer (CISO)
    • IT Management (CIO, IT Director, etc)
    • Functional Area Management
    • Information Security personnel
    • End users


  1. Broad coverage of the cybersecurity Common Body of Knowledge (CBK) and how it affects planning and management.
  2. Differentiate and provided examples of Operational, Tactical, and Strategic Planning and Management
  3. Examine C-Level Functions which impact cybersecurity.
  4. Making cybersecurity a strategic essential (part of core organizational strategy)
  5. Identify requirements and create plans for Business Continuity / Disaster Recovery
  6. Develop processes and procedures for incident response
  7. Planning for protection of intellectual property
  8. Managing the implementation of access controls
  9. Managing patch and change control


  1. Use resources to assemble and adjust plans for:
    • Security
    • Business continuity
    • Disaster recovery
    • Other related areas.

NICE Framework Categories[edit]

CSEC 2017 Categories[edit]

Specialization Areas[edit]

See also[edit]

Related Knowledge Units

Further reading[edit]

Suggested textbooks[edit]

Suggested academic readings[edit]

Sample knowledge test[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]


Reference ID[edit]