Event Summary
Many organizations recognize the need for strong security policies and programs but lack a clear, structured approach to developing and implementing them. Policies are often created in silos, overly complex, or disconnected from real-world operations, making them difficult to apply and sustain.
Without effective security policies, organizations face gaps in compliance, inconsistent practices, and increased vulnerability to threats. Poorly designed or communicated programs can lead to confusion, lack of accountability, and ineffective response to incidents—ultimately putting people, assets, and operations at risk.
This course provides a practical, step-by-step framework for developing and implementing security policies and programs that are both compliant and operationally effective. It focuses on core elements—risk assessment, policy design, communication, and enforcement—while emphasizing approaches that are sustainable and aligned with organizational goals.
Participants will be able to build or strengthen security policies that are clear, actionable, and aligned with compliance requirements. They will leave with a structured approach to implementing programs, improving accountability, and ensuring policies are consistently applied across the organization.
Who Should Attend
- Security leaders and program managers
- Risk, compliance, and safety professionals
- Operations and facility managers responsible for security practices
- IT/OT and cybersecurity professionals involved in policy development
- Anyone responsible for developing, implementing, or managing security programs
What You Will Gain
- A clear framework for developing effective security policies and programs
- Insight into aligning policies with compliance requirements and operational realities
- Practical steps for risk assessment, policy design, and implementation
- Strategies for communicating and enforcing policies across teams
- Tools to improve consistency, accountability, and program sustainability
- Increased confidence in strengthening your organization’s security posture
- Policies discussed will include Incident Response Plans, Business Continuity Plans, Technical Security Implementation Plans, Patch Plans, and Information Classification Plans
3 Professional Development Hours (PDH) upon completion
Meet Your Instructor
Annie McIntyre
Director of Security, EverLine
Annie McIntyre is the Director of Security at EverLine. Prior to EverLine, Ms. McIntyre was the President and Chief Executive Officer of Ardua Strategies, Inc., a Texas Corporation, providing solutions for the cyber and operational security issues of energy and infrastructure. Prior to founding Ardua Strategies, Ms. McIntyre was a Principal Member of Technical Staff and Program Manager at Sandia National Laboratories in Albuquerque, New Mexico. Her research areas at Sandia included threats, vulnerabilities, and protection of critical infrastructure systems, and cybersecurity for fossil and renewable energy systems. She managed the Sandia-Forest City Strategic Partnership program for sustainability, and participated in programs such as the Institute for Infrastructure Information Protection (I3P), and National SCADA Test Bed. Ms. McIntyre conducted the first cyber analysis of a renewable system in 2007 for the Department of Energy.
Prior to work in critical infrastructure, Ms. McIntyre worked extensively in the defense sector on information warfare and survivability, serving as IO Laboratory Chief and Information Warfare Lead for Future Combat Systems Assessments at the U.S. Army Research Laboratory. She previously served as New Mexico Regional Manager for Concurrent Technologies Corporation, a defense and energy contractor, and performed systems analysis and engineering in the bioinformatics field for Molecular Informatics, Inc. Throughout her career, she has worked closely with the U.S. Departments of Energy, Homeland Security, and Defense.
Ms. McIntyre conducts extensive work on security policies as they relate to energy and infrastructure. She served as an author for the American Petroleum Institute’s SCADA Security Standard (1164v2), serves on the Advisory Council at the North American Energy Standards Board, and has served as a Senior Fellow at the University of Minnesota’s Technology Leadership Institute. She is a Licensed Private Investigator in the State of Texas.
