This appendix discusses the following topics
• Common terms and concepts utilized in methodologies, frameworks, and guidance
• Demystifying the various resources available and their value to the CISA
Are you getting ready to develop, document, or audit IT controls? Several methodologies, frameworks, and guides contain detailed information on processes, control objectives, and controls that may assist you in your efforts. This appendix is dedicated to helping you make sense of these available resources and the terminology used within each of them.
The appendix is divided into two main sections. The first section focuses on common terms and concepts, while the second section describes the ...