Requirement 12: An overview of the Information Security Policy and Supporting Security Policies and Programs

This course covers a lot of information over 5 modules. We break down the

  • information security policy,
  • acceptable end user policies,
  • targeted risk analysis,
  • establishing a PCI compliance program,
  • additional scope requirements,
  • the security awareness training,
  • HR background checks,
  • managing third party service providers and
  • the incident response plan.

After completion, you’ll have an understanding of not just the requirements in requirement 12 but also what you need to have in your documentation.

Course Curriculum

Start Next Lesson Requirement 12.1 and 12.2
Information Security Policy and Acceptable Use Policy
Scope, Security Awareness Training, and HR Background Checks