Loading Events

IT Security planning is essential to any organization. The development, appreciation, and expression of the IT security strategy and plan are the single most important factors in setting the security tone for an organization.

If you try to achieve a level of security that is too ambitious and inappropriate for the organization, you will not retain support from management. They will soon see that you are pumping money and head-count where it is not effective. Yet unless you take a high-level, whole organization approach, you will never obtain the backing or the funding to enforce any policy you write.

The strategic planning process for the whole enterprise considers several key factors. The IT security planning process should consider the same factors—which is not surprising, since it is fundamentally the same process, only focused on information security.

1.     Introduction to the course syllabus

This document provides the detailed outline of the IT Security Planning 5-day course. You will be provided you with:

  • Course syllabus
  • Presentation material
  • Exercise material

IT Security planning is essential to any organization. The development, appreciation, and expression of the IT security strategy and plan are the single most important factors in setting the security tone for an organization.

If you try to achieve a level of security that is too ambitious and inappropriate for the organization, you will not retain support from management. They will soon see that you are pumping money and head-count where it is not effective. Yet unless you take a high-level, whole organization approach, you will never obtain the backing or the funding to enforce any policy you write.

The strategic planning process for the whole enterprise considers several key factors. The IT security planning process should consider the same factors—which is not surprising, since it is fundamentally the same process, only focused on information security.

2.     Course preparation

There are no preparation or prerequisites for this course.

3.     Administrative and logistical activities

There is no specific administrative nor logistical activities for this course.

4.     Target group

The target group of the IT Security Planning training is drawn from:

  • Security experts
  • Business continuity managers
  • Members of business continuity teams
  • Crisis response team leaders and members
  • Owners of small- and medium sized enterprises (SMEs)
  • Individuals seeking to ensure the continuity of essential processes in an organization during a security breach
  • Owners, managers, and leaders seeking to ensure the safety and well-being of their employees and the organization

5.     Benefits of this training

Attending the IT Security Planning training will help you to understand:

  • How to develop a vision, organizational goals and policies
  • How to assess and develop an IT security policy
  • How to identify security gaps and how to mitigate them
  • How to develop competencies in IT security
  • How to implement strategic management practices

6.     Course objectives

This training course is intended to help participants understand and become familiar with the different concepts with regard to IT Security Planning and find out how to prepare for and respond to potential security threats or vulnerabilities.

The following are the course objectives:

  • Developing a vision, organizational goals and policies
  • IT security policy assessment and development
  • Security gaps and how to mitigate future vulnerabilities
  • Develop competencies in IT security leadership and leadership development, developing members and managing members
  • How to implement strategic management through confirmatory exercises.

This training course is based on the good practices commonly used in ISO standards and other best practice guidelines provided by several local and international organizations.

7.     Delivery method

6.1       Educational alternatives

This course was designed so that it makes use of the following educational alternatives:

  • Deduction: Using anecdotes and examples, the training presents use cases before the concepts have even been The students deduct the learning from their own analysis. The topic and its concepts are presented afterwards to demonstrate how theory applies to what was deducted.
  • Questioning: Asking questions forces participants to stop and think about different variables. It also enables the participants to put the newly acquired knowledge to the Quizzes have been incorporated as part of the training to make sure that the concepts are well understood by the participants.
  • Demonstrating: Some use cases have been incorporated to the training AFTER the These serve to explain a cause and effect relationship using the newly acquired knowledge.

8.     Session plans

The following provides individual session objectives for the different modules covered in the training.

Course Outline:

Module 0 – Training course objectives and structure

Module 1 – Developing a vision, organizational goals and policies

Module 2 – IT security policy assessment and development

Module 3 – Security gaps and how to mitigate future vulnerabilities

Module 4 – Develop competencies in IT security

Module 5 – How to implement strategic IT security management

Module 6 – Closing of the training course

For more information, please see the IT-Security-Planning-course-syllabus-V1.0.pdf

IT Security Planning