
  • Oversight Committee Representation
    • Security council vision statement
    • Mission statement
    • Security program oversight
    • End users
    • Executive management
    • Information Systems Security Professionals


  • Control Frameworks
    • Many organizations adopt control frameworks to ensure security and privacy.
    • Frameworks provide: Consistency, Metrics, Standards, etc. (31).
    • NIST SP 800-53 revision 4 is such a framework made up of 285 controls under 19 families.


  • Due Care
    • Exercising a “prudent man’s judgment” to protect an organization’s assets.
    • Failure to exercise due care leads to legal liabilities (negligence) that may be civil, criminal, or both.
  • Due Diligence
    • Investigative steps taken by management to protect the assets of the organization.
    • Due diligence complements the execution of due care.


