Security Program Management
The intent of the Security Program Management Knowledge Unit is to provide students with the knowledge necessary to define and implement a security program for the protection of an organizations systems and data.
Topics
- Measuring the effectiveness of a security program (metrics).
- Security program: a. Physical Security b. Personnel Security c. System and Data Identification d. System security plans e. configuration and patch management f. System Documentation g. Incident Response Progra h. Disaster Recovery Program i. Certification and Accreditation
- Security program addresses: a. Physical Security b. Personnel Security c. System and Data Identification d. System security plans. e. Configuration and Patch management f. System Documentation g. Incident Response Program h. Disaster Recovery Program. i. Certification and Accreditation
- Security Policies. a. Compliance with Applicable Laws and Regulations b. Security best practices and frameworks.
- Roles and Responsibilities of the Security Organization
- Goals and objectives of a security program.
- Security Program addresses
- Security Awareness, Training and Education
- System Documentation
- Security Policies.
- Compliance with Applicable Laws and Regulations
- Security best practices and frameworks.
- e. Configuration and Patch management
- Security program addresses:
- Security Policies. a. Compliance with Applicable Laws and Regulations
- Configuration and Patch management
- Security Baselining
- System and Data Identification
- System security plans.
Outcomes
- Apply their knowledge to develop a security program, identifying goals, objectives and metrics.
- Apply their knowledge to effectively manage a security program.
- Assess the effectiveness of a security program.
- Security Policies. a. Compliance with Applicable Laws and Regulations
- Apply their knowledge to develop a security program, identifying goals, objectives and metrics
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
| ID | DESCRIPTION |
|---|---|
| K0053 | Knowledge of measures or indicators of system performance and availability. |
| K0497 | Knowledge of operational effectiveness assessment. |
| K0026 | Knowledge of business continuity and disaster recovery continuity of operations plans. |
| K0041 | Knowledge of incident categories, incident responses, and timelines for responses. |
| K0042 | Knowledge of incident response and handling methodologies. |
| K0230 | Knowledge of cloud service models and how those models can limit incident response. |
| K0157 | Knowledge of cyber defense and information security policies, procedures, and regulations. |
| K0377 | Knowledge of classification and control markings standards, policies and procedures. |
| K0579 | Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements. |
| K0101 | Knowledge of the organization??s enterprise information technology (IT) goals and objectives. |
| K0243 | Knowledge of organizational training and education policies, processes, and procedures. |
| K0215 | Knowledge of organizational training policies. |
| K0226 | Knowledge of organizational training systems. |
| K0003 | Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
| K0410 | Knowledge of cyber laws and their effect on Cyber planning. |
| K0524 | Knowledge of relevant laws, regulations, and policies. |
| K0168 | Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures. |
| K0222 | Knowledge of relevant laws, legal authorities, restrictions, and regulations pertaining to cyber defense activities. |
| K0275 | Knowledge of configuration management techniques. |
| K0150 | Knowledge of enterprise incident response program, roles, and responsibilities. |
| K0073 | Knowledge of secure configuration management techniques. (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org). |
| ID | DESCRIPTION |
|---|---|
| S0077 | Skill in securing network communications. |
| S0365 | Skill to design incident response for cloud service models. |
| S0054 | Skill in using incident handling methodologies. |
| S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
| S0145 | Skill in integrating and applying policies that meet system security objectives. |
| S0354 | Skill in creating policies that reflect the business??s core privacy objectives. |
| ID | DESCRIPTION |
|---|---|
| A0121 | Ability to design incident response for cloud service models. |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
| A0019 | Ability to produce technical documentation. |
| A0171 | Ability to conduct training and education needs assessment. |
| A0006 | Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures. |
| A0033 | Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities. |
| A0094 | Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives. |
| ID | DESCRIPTION |
|---|