Policies form the foundation of any information security program and having strong data security policies is a critical component of your efforts to protect information. In this video, learn about the role that data security policies play in an organization and how to create appropriate security policies, particularly around data storage, transmission, retention, wiping, and disposal.
- [Narrator] Policies form the foundation…of any information security program,…and having strong data security policies…is a critical component of your efforts…to protect information.…Data security policies and procedures…play several important roles in an organization.…No matter what specific issue…a policy or procedure covers,…it should meet several key criteria.…Policies provide the foundational authority…for data security efforts,…adding legitimacy to your work…and providing a hammer if needed to ensure compliance.…
They also offer clear expectations…to everyone involved in data security…by explaining what data must be protected…and the controls that should be used…to protect that data.…They provide guidance on the appropriate paths to follow…when requesting access to data for business purposes,…and they offer an exception process…for formally requesting policy exceptions…when necessary to meet business requirements.…Let's take a look at a few of the key issues…that your data security policy should cover…following these principles that I just described.…
Want more CySA+ test prep tips? Visit certmike.com to join Mike's free study group.
We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Security governance
- Security roles and responsibilities
- Security policies
- Complying with laws and regulations
- Auditing and assessing security
- Personnel security
- Security training
- Vendor management
Skill Level Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
Implementing an Information Security Programwith Kip Boyle2h 33m Intermediate
1. Security Governance
2. Security Policy
3. Regulatory Compliance
4. Assessing Security Processes
5. Personnel Security
6. Awareness and Training
7. Vendor Management
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.