This course first introduces the full spectrum of basic information security concepts necessary for establishing governance program in computing environments, i.e., technological, administrative, and physical, including security fundamentals, security in programs, operating systems, networks, and databases, cryptography, and security auditing. It then explores security governance domain, covering its objectives, metrics, roles and responsibilities, and risk management.