Recognize and differentiate information security policies and strategies to guide the development of standards and procedures, in alignment with organizational goals and objectives;Identify and differentiate among the four types of access control: identification, authentication, authorization, and accountability.;Determine the proper steps to implement comprehensive business continuity, disaster recovery, and incident response plans.;Determine the major threat vectors for systems, including cyber adversaries, the cybercrime economy, and various types of attacks.;Understand data breach implications and privacy considerations.;Compare and contrast controls to mitigate cybersecurity risks.;Analyze the components of an organization's cybersecurity risk management program.;Apply the SOC for Cybersecurity report, including report content, target users, and use of the report in conjunction with an entity’s overall cybersecurity risk mitigation strategy.

Elements of security policy;Logical and physical access controls;Network and system security controls;Business continuity planning and disaster recovery;Cyberattacks, data breaches, and privacy;Cybersecurity frameworks and regulations;Cybersecurity risk management considerations and controls;Components of cybersecurity risk management program