|
Security of Information Series I
(Management Level)
Security of confidential data is an important issue that affects
virtually every policy, procedure, and employee throughout
an organization. This set of 11 modules covers security practices
that can help initiate, implement, and maintain security within
the organization. This stimulating management level series
covers policy development and technology best practices. Management
issues covered include policy formulation, security management,
user issues, physical security, and contingency planning;
while technology practices include incident management, system
management, authentication, and auditing. Each title includes
a testing function that will assess and document each participant's
practical understanding of the concepts presented.
Titles
include:
Administrative
Procedures
- Overview
of Information Security (SISM001)
- Computer
Security Deployment Plan (SISM002)
- Disaster
Recovery (SISM003)
- Certification
(SISM004)
- Chain
of Trust Partner Agreement (SISM009)
- Contingency
Planning (SISM005)
- Formal
Mechanism for Processing Records (SISM010)
- Information
Access Control (SISM006)
- Internal
Audit (SISM007)
- Personnel
Security (SISM011)
- Security
Configuration Management (SISM012)
- Security
Incident Procedures (SISM013)
- Security
Management Process (SISM014)
- Termination
Procedures (SISM008)
- Training
(SISM015)
Physical
Safeguards
- Media
Controls (SISM016)
- Physical
Access Controls (SISM017)
- Work
Station Use (SISM018)
- Secure
Work Station Location (SISM019)
- Security
Awareness Training (SISM020)
Technical
Security Services
- Access
Control (SISM021)
- Audit
Controls (SISM022)
- Authorization
Control (SISM023)
- Data
Authentication (SISM024)
- Data
Storage (SISM025)
- Entity
Authentication (SISM026)
Technical
Security Mechanisms
- Communications/Network
Controls (SISM027)
- Integrity
controls (SISM028)
- Message
authentication (SISM029)
- Access
controls (transmission protection) (SISM030)
- Encryption
(SISM031)
|
|
Security
of Information Series II (User Level)
The greatest potential for compromising the security of confidential
information is at the user level. Because network users deal
with all types of sensitive information, and send, receive
and process data using a variety of methods and formats, the
line-level employee remains the weakest point in any long-term
security solution. This set of seven education and training
modules is directed toward system users, offering practical,
day-to-day solutions to assure the continued security of systems
and data. Each title includes a testing function that will
assess and document each participant's practical understanding
of the concepts presented.
Titles
include:
- Changing
Your Password (SISL001)
- Physical
Access Control: Identification Badges (SISL002)
- Computer
Viruses (SISL003)
- Secure
Deletion of Files (SISL004)
- Back-up
Procedures (SISL005)
- Social
Engineering (SISL006)
- Electronic
Signatures and Encryption (SISL007)
|