Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

Implementing an Information Security Program

via LinkedIn Learning


Learn how to build an information security program, implement it at your organization, and keep it in operation to mitigate risk and remain in compliance.

Building and operating an information security program at your organization can be challenging. The scope can be vast and complex. Thinking of all the ways an organization can fail and coming up with actionable measures you can take to prevent issues, mitigate risk, or recover from events is a large undertaking. In this course, Kip Boyle, president of Cyber Risk Opportunities, guides you through the entire process of creating an information security program, rolling it out to your organization, and maintaining it for continuous risk management.


  • Protect against cyber attacks
  • What you should know
  • Information security overview
  • Cybersecurity overview
  • Cyber resilience overview
  • Risk management overview
1. Information Security Program Goals
  • Achieve your customers’ expectations
  • Cyber-attack and failure resilience
  • Compliance with laws and regulations
  • Support executives and the BOD
2. Information Security Program Components
  • Essential functions of a program
  • Determine your role
  • Build a team
  • The need for management
  • The need for leadership
3. Structure an Information Security Program
  • Sources of controls
  • Organize around cyber resilience
  • Design an information security program
4. Measure Information Risks
  • Plan to measure information risks
  • Use a data-driven cyber risk management method
  • Understand the 0 to 10 scale
  • Set target scores for each control
  • Decide where to measure information risk
  • Create a score key for experts
  • Prepare to collect scores from experts
  • Set up a score collection workflow
  • Collect scores from your systems
5. Understand Information Risks
  • The questions that drive us
  • Determine resilience
  • Determine the top five risks
  • Understand the leadership landscape
6. Manage Information Risks
  • Generate ideas to manage top risks
  • Estimate costs
  • Estimate benefits
  • Prepare proposals
7. Demonstrate Compliance and Progress
  • Communicate with executives
  • Communicate with stakeholders
  • Communicate with auditors
8. Use a Workflow to Organize Work
  • Determine measurement frequency
  • Build on baseline measurements
  • Construct an annual program of work
  • Next steps

Taught by

Kip Boyle

Related Courses


Start your review of Implementing an Information Security Program

Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free