Technical solutions for investigating cyber attacks and restoring our information systems must be balanced against, and work within, laws, regulations, and policies that govern information technology. The objective of this course is to provide a comprehensive overview of the legal and policy structures that must be considered in building effective compliance, investigation, and enforcement capabilities. Students will explore offensive and defensive aspects of evidence collection, forensic investigation, privacy, reporting, and implementing corrective actions. Students will develop and submit a management plan for improving compliance, investigation, and enforcement capabilities within an organization’s systems. Upon completing this course, students will be able to provide improved leadership within the teams that manage compliance, investigation, and enforcement, increase their ability to collaborate with legal and business stakeholders, and improve their ability to develop policies that align to legal requirements.