What are governance frameworks, and will I learn how to apply them?

Yes – There are several governance frameworks to learn, including ERM, ISM, and the BMIS model. In this part of CISM course, you will learn how to leverage these frameworks to help align business objectives with security objectives, manage and measure risk, and increase overall governance effectiveness.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Information Security Governance

Grow your skills with Coursera Plus for $239/year (usually $399). Save now.

Information Security Governance

This course is part of CISM Certification Preparation Specialization

Instructor: LearnKartS

Included with

Learn more

7 modules

Gain insight into a topic and learn the fundamentals.

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

7 modules

Gain insight into a topic and learn the fundamentals.

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Master theCISM frameworkandleverageits principles to drive impactful Information Security Governance across your organization.
Build a business-aligned Information Security strategy that delivers measurable value, integrates with goals, and drives enterprise success.
Define clear roles and responsibilities using RACI and governance models to ensureaccountabilityandoptimizeorganizational efficiency.
Implement advanced risk assessment techniques and performance metrics to execute and continuously improve your InfoSec strategy.

Details to know

Shareable certificate

Add to your LinkedIn profile

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the CISM Certification Preparation Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 7 modules in this course

Still stuck in operational security while leadership drives strategy?

Tools don’t unlock promotions. Governance does. Today’s organizations reward professionals who align Information Security with business goals, justify investments, manage enterprise risk, and deliver measurable value. That’s the capability this course builds. This Information Security Governance course is built for professionals targeting CISM-level and executive-track security roles. In this course, you will: • Analyze real breaches like Equifax from a governance lens • Establish accountability through charter and RACI • Apply policies, ethics, and regulatory compliance confidently • Build and defend a business-aligned InfoSec strategy • Align security initiatives with enterprise objectives and risk Unlike theory-heavy programs, this course delivers a business-first governance approach backed by real breach analysis and proven strategy frameworks. By the end, you won’t just understand governance — you’ll confidently design, justify, and lead it within your organization. Enroll now and step into strategic security leadership.

This module introduces the fundamentals of information security governance, including an overview of CISM certification. You’ll also explore key concepts such as governance objectives, security attributes, and the 2017 Equifax data breach case.

What's included

14 videos1 reading6 assignments

14 videos Total 55 minutes

Course Introduction 2 minutes
About CISM Certification 3 minutes
Explaining CISM in 5 minutes 7 minutes
Equifax Data Breach (2017) 7 minutes
Equifax Data Breach - Performance Metrics 5 minutes
Security Attributes 4 minutes
Enterprise Governance Definition 2 minutes
Governance vs Management 3 minutes
Why Governance? 3 minutes
Governance Objective: Value Creation 4 minutes
Importance of Information Security Governance 4 minutes
Governance Outcome 5 minutes
Governance Benefits 3 minutes
Scope and Charter of Information Security Governance 4 minutes

1 reading Total 10 minutes

Understanding CISM and the Role of Information Security Governance 10 minutes

6 assignments Total 96 minutes

Checkpoint Quiz 12 minutes
Checkpoint Quiz 20 minutes
Checkpoint Quiz 12 minutes
Proficiency Quiz 12 minutes
Proficiency Quiz 25 minutes
Proficiency Quiz 15 minutes

In this module, you’ll learn how organizational culture influences information security governance and the role of legal, regulatory, and contractual requirements. Topics include ethics in information security and effective business records management.

What's included

9 videos1 reading4 assignments

9 videos Total 27 minutes

Module Introduction 1 minute
Organizational Culture 3 minutes
How to Influence Organizational Culture? 3 minutes
Acceptable Use Policy (AUP) 3 minutes
Sample AUP 3 minutes
Ethics in Information Security 4 minutes
Legal, Regulatory, and Contractual Requirements 4 minutes
Types of Laws in Information Security 3 minutes
Effective Business Records Management 3 minutes

1 reading Total 10 minutes

Influencing Organizational Culture for Stronger Security Governance 10 minutes

4 assignments Total 67 minutes

Checkpoint Quiz 20 minutes
Checkpoint Quiz 12 minutes
Proficiency Quiz 20 minutes
Proficiency Quiz 15 minutes

This module covers organizational governance structures, the distinction between roles and responsibilities, and how to define them using tools like RACI charts. It also examines different governance models and their applications.

What's included

8 videos1 reading4 assignments

8 videos Total 19 minutes

Module Introduction 1 minute
Organizational Structures, Roles, and Responsibilities 3 minutes
Convergence of Roles and Responsibilities 2 minutes
Roles vs Responsibilities 1 minute
Roles Examples 1 minute
Identify Responsibility Through RACI Chart 3 minutes
Sample RACI Chart 5 minutes
Types of Governance Models 3 minutes

1 reading Total 10 minutes

Building Effective Governance Structures for Information Security 10 minutes

4 assignments Total 59 minutes

Checkpoint Quiz 12 minutes
CheckpointQuiz 12 minutes
Proficiency Quiz 15 minutes
Proficiency Quiz 20 minutes

This module focuses on how to develop an information security strategy that aligns with business goals. You’ll learn to create a business case for information security and evaluate information asset value in relation to strategy development.

What's included

9 videos1 reading4 assignments

9 videos Total 34 minutes

Module Introduction 1 minute
Business Case for Infosec Strategy 5 minutes
Information Security Strategy 4 minutes
Developing Information Security Strategy 6 minutes
Business Goals and Objectives 3 minutes
Value Determination 4 minutes
Information Asset Value Evaluation Matrix 6 minutes
Relationship Between Objectives and Strategy 2 minutes
Information Security Strategy Goals 4 minutes

1 reading Total 10 minutes

Strategic Foundations for Information Security 10 minutes

4 assignments Total 72 minutes

CheckpointQuiz 16 minutes
CheckpointQuiz 16 minutes
Proficiency Quiz 20 minutes
Proficiency Quiz 20 minutes

In this module, you'll learn how to align your information security strategy with business goals and governance structures. Topics include identifying common pitfalls in strategy development and using governance to achieve a desired state.

What's included

9 videos1 reading4 assignments

9 videos Total 29 minutes

Module Introduction 1 minute
InfoSec Strategy & Architecture Alignment 6 minutes
Ensuring InfoSec Objective and Business Integration 3 minutes
Business Linkages 3 minutes
Business Model for IS (BMIS Model) 3 minutes
Common Pitfalls in Developing a Security Strategy 7 minutes
What Is the Desired State? 3 minutes
Applying Governance to Desired State 2 minutes
Using GRC to Design Desired State 1 minute

1 reading Total 10 minutes

Integrating Information Security Strategy with Business Objectives 10 minutes

4 assignments Total 72 minutes

CheckpointQuiz 16 minutes
CheckpointQuiz 16 minutes
Proficiency Quiz 20 minutes
Proficiency Quiz 20 minutes

This module delves into the key frameworks and standards for designing an information security strategy. You’ll explore how to develop a security framework and the roles involved in strategy development, as well as governance framework components.

What's included

8 videos4 assignments

8 videos Total 35 minutes

Module Introduction 1 minute
InfoSec Strategy Framework Development 6 minutes
Key Steps to Develop Framework 4 minutes
Security Strategy Elements 4 minutes
Roles Involved in Developing InfoSec Strategy 5 minutes
Information Governance Frameworks and Standards 4 minutes
Governance Framework Components 5 minutes
Architecture & Its Types 6 minutes

4 assignments Total 63 minutes

CheckpointQuiz 12 minutes
Proficiency Quiz 15 minutes
CheckpointQuiz 16 minutes
Proficiency Quiz 20 minutes

This module covers the practical aspects of executing an information security strategy. You’ll explore business process architecture, enterprise risk management, and how to link strategic planning to risk assessment and business goals for successful execution.

What's included

12 videos4 assignments

12 videos Total 52 minutes

Module Introduction 1 minute
Business Process Architecture 6 minutes
Enterprise Risk Management (ERM) 5 minutes
Information Security Management (ISM) 6 minutes
Balanced Scorecard 5 minutes
Strategic Planning Key Linkages 5 minutes
Strategic Planning 5 minutes
Risk Assessment and Management 5 minutes
Assurance Provisions 2 minutes
Metrics 5 minutes
Executing Infosec Strategy 4 minutes
Summary 2 minutes

4 assignments Total 72 minutes

CheckpointQuiz 16 minutes
CheckpointQuiz 16 minutes
Proficiency Quiz 20 minutes
Proficiency Quiz 20 minutes

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructor

LearnKartS

145 Courses 186,699 learners

Offered by

LearnKartS

Explore more from Security

LearnKartS
Information Security Risk Management
Course
LearnKartS
Information Security Program Management
Course
LearnKartS
Information Security Incident Management
Course

Why people choose Coursera for their career

Felipe M.

Learner since 2018

"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."

Jennifer J.

Learner since 2020

"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."

Larry W.

Learner since 2021

"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Learn more

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Explore degrees

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Learn more

Frequently asked questions

This course will be most beneficial for security managers, IT leaders, compliance professionals, risk analysts,andauditors. This course is designed for you if your aim is to move into strategy in cybersecurity leadership roles.

Prior knowledge of information security will be a plus, but it is not mandatory. With a step-by-step framework to learn governance concepts, risk management techniques,andstrategic alignment,thecourse is suitable for beginners as well as professionals with years of experience.

Yes. This course addresses CISM governance domains and core concepts for governance, strategy, risk management, and organizational responsibility. You get more depth on value creation, oversight and strategic alignment in ways that are essential for certification success.

In contrast to our traditional courses, which focus on a purely technical approach, this course brings in governance, strategy, and business alignment within applied perspectives of risk management, compliance, and performance metrics. This is meant to take you from an operational mindset to a strategic leadership position within cybersecurity.

Yes. Mastering governance, risk management, compliance and developing strategies related to these will definitely qualify you for senior leadership roles like Chief Information Security Officer (CISO), Security Manager, Risk Director or Governance Analyst. It’s particularly useful for anyone looking to step into executive cybersecurity jobs.

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

Information Security Governance

Information Security Governance

What you'll learn

Details to know

See how employees at top companies are mastering in-demand skills

Build your subject-matter expertise

There are 7 modules in this course

Introduction to Information Security Governance

What's included

Organizational Culture and Legal/Regulatory Requirements

What's included

Governance Structures, Roles, and Responsibilities

What's included

Developing Information Security Strategy

What's included

Aligning InfoSec Strategy with Business and Governance

What's included

Frameworks and Standards for Strategy Design

What's included

Strategic Planning and Execution

What's included

Earn a career certificate

Instructor

Offered by

Explore more from Security

Information Security Risk Management

Information Security Program Management

Information Security Incident Management

Why people choose Coursera for their career

Felipe M.

Jennifer J.

Larry W.

Chaitanya A.

Open new doors with Coursera Plus

Advance your career with an online degree

Join over 3,400 global companies that choose Coursera for Business

Frequently asked questions

Who should enroll in an Information Security Governance course?

Do I need prior experience in governance or risk management?

Is this course suitable for CISM exam preparation?

More questions