Security Program Management (2020)
The intent of the Security Program Management Knowledge Unit is to provide students with the knowledge necessary to define and implement a security program for the protection of an organizations systems and data.
To complete this KU, students should be able to:
- Apply their knowledge to develop a security program, identifying goals, objectives and metrics.
- Apply their knowledge to effectively manage a security program.
- Assess the effectiveness of a security program.
- Goals and objectives of a security program.
- Measuring the effectiveness of a security program (metrics).
- Roles and Responsibilities of the Security Organization
- Security Policies.
- Compliance with Applicable Laws and Regulations
- Security best practices and frameworks.
- Security Baselining
- Program Monitoring and Control
- Security Awareness, Training and Education
- Security program addresses:
- Physical Security
- Personnel Security
- System and Data Identification
- System security plans.
- Configuration and Patch management
- System Documentation
- Incident Response Program
- Disaster Recovery Program.
- BYOD issues
- Certification and Accreditation
- Identify goals and metrics for a security program.
- Select training courses based on identified needs.
NICE Framework Categories
Related Knowledge Units
Original Knowledge Unit
Suggested academic readings
Sample knowledge test
Sample skills test
Sample abilities test
Additional notes or materials