Security Management Planning

Understand the principles of security management.

Planning for information security includes preparing to create the information security policies that will guide the entire information security program. To create the policy, management should plan to perform a risk analysis on the information assets to be protected. The risk analysis will identify the assets, determine the risks to them, and assign a value to their potential loss. Using the results of this analysis, management can decide on the policies that best protect those assets by minimizing or mitigating the risks.

The final aspect of information security management is education. Management is responsible for supporting the policy not only with its backing, but also ...
