This CITP program establishes literacy and understanding of the basic pillars of an organizational security practice. It covers a broad range of organizational risks which exist inside the common enterprise and how to address them. The CITP addresses several risk management strategies and prepares the learner to apply them to the security concerns of technology, policy, identity and access.

Good security skills and practices in an organization consist of well integrated technology tools and frameworks, business process and policy, and project and work/build practices. It also includes response and recovery tools, such as response plans for when intrusions are detected, how to detect intrusions, and risk reduction measures like business continuity planning.

Upon completing the CITP program, the learner will have a well-established understanding of the components of organizational policy which form a multi-layered risk management strategy.