Module 10: Policy & Governance
Description
This module covers policies and governance issues. Topics covered include federal Critical Infrastructure policies and legislation, information sharing of threats among agencies, public/private partnerships, and standards and regulations, as well as compliance. Issues relevant to specific sectors is discussed, such as intellectual property, and the roles of HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley, and PCI (DSS) are reviewed.
Objectives
| # | Revised Bloom’s Taxonomy | Objective | Slide # | Act. 1 | Team Act | Assess Ques # |
|---|---|---|---|---|---|---|
| 10.1 | Understand | Identify information-sharing strategies and initiatives as established by the Department of Homeland Security (DHS). | 3-9 | N/A | X | 1, 2, 3 |
| 10.2 | Understand | Describe threat intelligence information sharing among public and private partners, including Information Sharing and Analysis Centers (ISACs). | 10-13 | N/A | X | 4 |
| 10.3 | Understand | Explain the roles that DHS’s National Cybersecurity and Communications Integration Center (NCCIC) and CISA Central play in infrastructure protection. | 14-16 | N/A | X | 5, 6 |
| 10.4 | Understand | Describe issues relevant to specific critical infrastructure sectors, such as HIPAA and other regulations and laws. | 17 | N/A |
