From the course: Writing Security Policies and Standards
Mapping policies to governance frameworks
How do you know if your organization has the right security policies to protect data and manage risks effectively? A reliable way to ensure your organization has proper policy coverage is to map your policies against a governance framework like ISO 27001, HIPAA, or PCI DSS. This mapping is crucial if your organization needs to comply with one or more of these frameworks. But even if compliance isn't required, leveraging one of these frameworks provides a structured approach to building your policy architecture.

For instance, consider the ISO 27001 framework for mapping your organization's policies. ISO 27001 is an international standard used by many organizations to build robust security programs and manage risk effectively. Its controls are organized into 15 operational capabilities: Governance, Asset Management, Information Protection, Human Resource Security, Physical Security, System and Network Security, Application Security, Secure Configuration, Identity and Access Management…
Contents
- What are policies, standards, procedures, and guidelines? (3m 52s)
- Common security policies and standards (2m 43s)
- Mapping policies to governance frameworks (3m 2s)
- The security policy lifecycle (3m 28s)
- Creating a security policy architecture diagram (3m 32s)
- Challenge: Distinguish between security directives (1m 54s)
- Solution: Distinguish between security directives (2m 13s)