Chapter 3. Information Security Governance & Risk Management

The Information Security Governance & Risk Management domain is a key domain within the CISSP candidate information bulletin and includes a longer objectives list than most other domains. You’ll be expected to understand many elements of an organization’s security program, with a focus on protecting information technology (IT) assets. This starts with a clear understanding of an organization’s goals, mission, and objectives and then the development of security policies, standards, and procedures to support the mission of the organization. Risk management is an ongoing process that identifies asset values and then attempts to identify and prioritize risks to these assets. You’ll find ...
