Understanding the vital concepts like Confidentiality, data Integrity and Availability, what is a threat versus vulnerabilities, and pertinent statistics on current data security trends.
Elucidate on different industry standard IT risk assessment process and methodologies
Best practices for securing company information systems
Media Control – Storage state ( encrypted/not encrypted ) confidential/sensitive data
Email Security - double checking addressees, avoiding putting sensitive information in the body of emails but rather in an encrypted attachment
Physical security – policing work areas for sensitive info, shredding un-needed paper copies, being wary of shoulder surfing and tailgating in sensitive areas, printer security.
Overview of incident reporting policy & procedures that detail what to do if they believe a security incident has occurred, who to call, what to expect and what information to provide to responsible parties