by McLearn eLearning | Publisher: Stone River eLearning | Release Date: July 2019 | ISBN: 10000000ML113

Information security is everyone's responsibility. Everyone in an organization plays a part in establishing good security practices. However, in your personal life, securing your personal information is completely up to you. Nobody else is going to do it for you. Therefore, whether you are concerned about protecting your personal information or your business information, a solid awareness of information security incident concepts is an essential place to start. In this course, you'll learn about getting prepared for the inevitability of having to manage information security incidents. First, you'll learn about building the information security organization, and establishing security policies and a code of conduct concepts. Next, you'll learn about enabling information security with people, processes, and technology. Finally, you'll learn about improving security using a formal audit program. After watching this course, you'll have a solid foundation of the concepts and knowledge needed to properly manage information security incidents. What you'll learn: By the time you complete this course, you will be well prepared to participate as an active member of any information security team. Requirements and prerequisites: Before beginning the course, you should be familiar with the basic concepts that are outlined in the Information Security Threats and Risks ISO/IEC 27002 course. Who this course is for: This course is designed for business and IT professionals.

1. Introduction
   • Preparing For Success 00:05:47
2. Building the Information Security Organization
   • An Intro To Planning An Information Security Organization 00:01:00
   • Establishing an Effective Security Practice 00:03:35
   • Establishing Centralized Governance 00:03:12
3. Establishing Security Policies and a Code of Conduct
   • Establishing the Security Policy 00:05:41
   • Establishing Security Prior to and During Employment 00:02:37
4. Enabling Information Security with People, Process, and Technology
   • Establishing the Information Security Management System 00:02:34
   • The Deming Cycle 00:03:34
5. Using the Security Incident Cycle to Improve Security Response
   • Reporting an Incident or Weakness 00:03:32
   • Using The Incident Response Cycle 00:02:08
6. Logging and Managing Security Events and Incidents
   • The Value of Establishing Incident Management Procedures 00:06:28
   • Establishing Incident Categories and Priorities 00:04:14
   • Implementing an Incident Escalation Process 00:02:42
7. Complying with Regulatory, Legislative, and Organization Mandates
   • Securing Intellectual Property 00:03:05
   • Protecting Private Information 00:04:24
8. Improving Security with a Formal Audit Program
   • Securing The Audit 00:02:25