This chapter discusses the following topics
• Information security management
• Logical access controls
• Network security
• Environmental security
• Physical security
This chapter discusses CISA job practice 5, “Protection of Information Assets.” The topics in this chapter represent 30 percent of the CISA examination.
Information assets consist of information and information systems. Information includes software, tools, and data. Information system is an inclusive term that encompasses servers, workstations, mobile devices, network devices, gateways, appliances, and almost every other kind of IT hardware that is used.
Information security management is the collection of policies, ...