IT and Information Security Governance

• Explain the importance of information security laws and regulations.
• Interpret impacts of information security laws and regulations on your information security program.
• List and describe the information security risks with attention to the organizational, governmental, and regulatory requirements that your organization may face.
• Prepare policies and procedures to address the risks.
• Define the baseline controls that will be used to measure the effectiveness of your strategy and describe how these data will be collected and used for auditing and improvement purposes.