Stolen laptops, misplaced USB drives, network infiltration by hackers or viruses, crippling denial-of-service attacks—the threats to an organization’s sensitive data are many and continue to grow, even as more and more sensitive data and personally identifying information are maintained and transmitted electronically. The costs associated with information security breaches continue to grow also, partly because of increasingly stringent regulations that hold organizations financially responsible when they fail to secure their sensitive information.
So how should organizations respond to these threats? With a comprehensive, coordinated plan that employs both physical and electronic measures designed to keep sensitive data and personally identifying information out of the hands of cyber criminals and identity thieves.
This course details the extent and potential costs of the information security problem, describes the key components of a well designed information security plan, and outlines strategies that can go a long way toward protecting one of an organization’s most valuable assets—its information.
Managers, Supervisors, and Leaders of Businesses and Organizations
TIME TO COMPLETE
100 - 110 minutes
To describe the risks associated with maintaining and transmitting sensitive data and personally identifying information, and to instruct leaders of businesses and organizations in developing strategies for mitigating these risks.
After completing this course, the learner will be able to:
- distinguish between first- and third-party information risks;
- recognize various types of first- and third-party information risks;
- define the scope of the threat that information security breaches pose to organizations, based on current statistics;
- interpret the major provisions of federal and state laws governing organizations' responsibilities for securing sensitive data and personally identifying information in their possession;
- define the elements of effective risk management procedures;
- develop and implement an appropriate information security policy for an organization;
- identify the threats to information network security and the tools needed to secure networks against security breaches; and
- develop a Computer Security Incident Response Plan and strategies for managing the risks associated with maintaining and transmitting sensitive data and personally identifying information.
- An Overview of Information Risk
- Statistics on Information Security Breaches
- Federal and State Regulations Governing Information Security
- Essential Risk Management Procedures
- Drafting an Information Security Policy
- Procedures for Properly Disposing of Sensitive Information
- Securing Networks against Information Security Breaches
- Responding to Information Security Breaches
HR CERTIFICATION INSTITUTE
This program has been approved for 1.75 recertification credit hours toward PHR, SPHR, and GPHR recertification through the HR Certification Institute. For more information about certification or recertification, please visit the HR Certification Institute. (The use of this seal is not an endorsement by the HR Certification Institute of the quality of this program. It means that this program has met the HR Certification Institute's criteria to be pre-approved for recertification credit.)
SOCIETY FOR HUMAN RESOURCE MANAGEMENT
The Human Equation is recognized by SHRM to offer Professional Development Credits (PDCs) for the SHRM-CPSM or SHRM-SCPSM. This program is valid for 1.75 PDCs for the SHRM-CP or SHRM-SCP. For more information about certification or recertification, please visit SHRM.