1. Home
  2. DMBK9: Data Security Management

DMBK9: Data Security Management ( dmbk9 | 21 hours )

Prerequisites:
  • CDMP Fundamentals
Overview:

The course covers Data Security Management within the DAMA Body of Knowledge (DMBoK®) in depth. Some of the key goals of Data Security Management include enabling appropriate access to organizational data assets and prevention of inappropriate usage. It is also an essential component in regulatory compliance, ensuring privacy and confidentiality of enterprise data assets. This course takes an in-depth look at the guiding principles, drivers, requirements, standards, categories of control, risk assessment, permissions, monitoring, and many other essential components of Data Security Management.

Purpose

To learn about the many different elements of Data Security Management and its importance as a key Data Management discipline.

Outcome

  • Learn about key points in implementing Data Security Management
  • Understand regulatory requirements and other drivers
  • Discuss authentication, authorization, access, and audit (4As)
  • Explore issue types, controls, classification processes, outsourcing, and topologies
Course Outline:
  • Data Security Management and the DMBoK
    • DAMA DMBoK Wheel
  • Guiding Principles
    • Data Security Guiding Principles
    • Sources of Data Security Requirements
    • Stakeholder Concerns
    • Government Regulations
    • Necessary Business Access Needs
    • Legitimate Business Concerns
    • The Regulatory and Other Drivers
    • The Four A’s
      • Authentication
      • Authorization
      • Access
      • Audit
    • Defining Standards
    • CIA
      • Confidentiality
      • Integrity
      • Availability
    • Four Issue Types
  • Controls
    • Three Categories of Controls
    • Identifying Controls Through Risk Assessment
    • Controls
      • Administrative Controls
      • Logical Controls
      • Physical Controls
    • Aspects, Threats, and Controls in Context
    • Manage Users, Passwords, and Group Membership
    • Manage Data Access Views and Permissions
    • Monitor User Authentication and Access Behavior
    • Classify Information Confidentiality
    • Information Classification Schema
    • Information Classification Process
  • Audits and Topologies
    • Audit Data Security
    • Data Security and Outsourcing
    • Network Security
    • Network Topologies
    • Securing IT Infrastructure
    • IT Security Threats (11 Different Types)
      • Notable Examples
  • Wrap Up
    • Key Takeaways