Security Governance & Strategy
Security governance frameworks, CISO role, security policies, aligning security with business objectives, and board-level reporting.
Bringing it all together: security governance, risk management, building and running a security program, and preparing for the CCP final examination.
Design and implement security governance frameworks aligned with business objectives
Conduct risk assessments using ISO 27005 and NIST RMF methodologies
Build and operate an effective Security Operations Center
Develop security awareness programs and measure security program effectiveness
Risk assessment methodologies (ISO 27005, NIST RMF), risk treatment options, risk registers, and communicating risk to stakeholders.
Building and operating a SOC, SOC models, SIEM implementation, metrics and KPIs, and SOC maturity assessment.
Building a comprehensive security program, security awareness training, vendor risk management, and measuring security effectiveness.
Final module assessment. Passing unlocks the CCP Final Examination and Capstone Project.
Multiple layers of security controls, so failure of one doesn't compromise the entire system.
The level of risk an organization is willing to accept to achieve its objectives.
"What gets measured gets managed." Learn to quantify security effectiveness.
Security exists to enable business, not obstruct it. Learn to speak the language of executives.