This course provides students with an introduction
to information security policies. The course discusses the entire lifecycle of
policy creation and enactment and presents students with issue specific
policies in different domains of security. The structure of the policy is also
discussed to assist the students in design and modification of policies.
Several examples from different domains are incorporated to assist students to
learn in context of real life situations.
The topics covered by this course include General
Overview of Policies, Policy Lifecycle, and Writing Security Policies,
Information Classification and Privacy Policies, Network Security and Email
Policies, Application, Operating System and Software Security Policy,
Encryption and Key Management Policy, Security Policy: Audit and Compliance,
Acceptable Use Policies and Training /Awareness, Security Policy: Enforcement
and Effectiveness.