Security Governance, Risk Management and Compliance
This module will teach the student about the leadership, organizational structures and processes that safeguard information.
Topics covered include: aligning the information security program with business needs, developing a security strategy, establishing a security management structure, security governance with reference to security frameworks such as the ISO/IEC 27000 series, COBIT and ITIL, creating effective security policies, risk management processes, risk mitigation, laws and regulations such as Sarbanes-Oxley (SOX) and PCI-DSS, security compliance and audit, cloud computing policy, risk and governance, compliance and legal considerations for the cloud, and case studies.
Possible Text: Information Security Governance Simplified: From the Boardroom to the Keyboard, by Todd Fitzgerald, CRC Press, 2011.