Recognize and differentiate information security policies and strategies to guide the development of standards and procedures, in alignment with organizational goals and objectives.;Identify and analyze risk management processes and procedures to ensure compliance with applicable security, privacy laws and regulations.;Identify and differentiate among the four types of access control: identification, authentication, authorization, and accountability.;Identify logical and physical access controls necessary to safeguard critical systems and information pursuant to compliance requirements.;Identify incident response processes for detecting and responding to security risks.;Determine the proper steps to implement comprehensive business continuity, disaster recovery, and incident response plans.

Elements of security policy;Organizational risk assessment;Identity and access management;Logical and physical access controls;Network and system security controls;Buiness continuity planning;Disaster recovery