Chapter 0. Why we need security programs -- chapter 1. Develop an information security strategy -- chapter 2. Integrate security into the organization -- chapter 3. Establish a security organization -- chapter 4. Why information security policies? -- chapter 5. Manage the risks -- chapter 6. Protect the data -- chapter 7. Manage the security of third parties and vendors -- chapter 8. Conduct security awareness and training -- chapter 9. Security compliance management and auditing -- chapter 10. Information security program metrics.
Summary
Demonstrates how to resolve immediate tactical needs, transform security needs into strategic goals, and put programs into operation with full lifecycle management.