This post is also available in: English


Duration : 40 Hours

The Information Security Governance course is the perfect program for security professionals who manage, design, oversee and assess an enterprise’s information security or develop best organizational security practices.

HackerU’s training program is designed to promote international best practices and provides executive management with assurance that participants have the required experience and knowledge to provide effective security management and consulting services.


  • Identifying critical issues and customizing company-specific practices to support the governance of information and related technologies
  • Acquiring a comprehensive view of information systems security management and their relationship to organizational success
  • Ensuring improved alignment between the organization’s information security program and its broader goals and objectives

Pre- requisites


Course Outline

Module 1: Information Security Management

  • Introduction to Information Security
  • Strategic view: conceptual and strategic goals with a risk based approach
  • Technological platforms
  • Tasks and responsibilities of the Information Security Officer

Module 2: Information Security Governance – Practical

  • Establishing and maintaining organizational IS strategy
  • Identifying Influences to the organization
  • Defining and communicating roles and responsibilities
  • Monitoring, evaluation and report metrics
  • Asset Identification
  • Risk Assessment
  • Vulnerability Assessments
  • Asset Management

Module 3: Security Program Management

  • Information Security Strategy
  • Program Alignment of Other Assurance Functions
  • Development of Information Security Architectures
  • Security Awareness, Training, and Education
  • Communication and Maintenance of Standards, Procedures, and Other Documentation
  • Change Control
  • Lifecycle Activities
  • Security Metrics
  • Planning
  • Security Baselines
  • Business Processes
  • Security Program Infrastructure
  • Lifecycle Methodologies
  • Security Impact on Users
  • Accountability
  • Security Metrics
  • Managing Resources

Module 4: Incident Management and Response

  • Response Management Overview
  • Importance of Response Management
  • Performing a Business Impact Analysis
  • Developing Response and Recovery Plans
  • The Incident Response Process
  • Implementing Response and Recovery Plans
  • Response Documentation
  • Post-Event Reviews