CISSP Security & Risk Management-The Complete & Effective Security Program
- Oversight Committee Representation
- Security council vision statement
- Mission statement
- Security program oversight
- End users
- Executive management
- Information Systems Security Professionals
- Control Frameworks
- Many organizations adopt control frameworks to ensure security and privacy.
- Frameworks provide: Consistency, Metrics, Standards, etc. (31).
- NIST SP 800-53 revision 4 is such a framework made up of 285 controls under 19 families.
- Due Care
- Exercising a “prudent man’s judgment” to protect an organization’s assets.
- Failure to exercise due care leads to legal liabilities (negligence) that may be civil, criminal, or both.
- Due Diligence
- Investigative steps taken by management, all in an effort to protect the assets of the organization.
- Due diligence complements the execution of due care.
To Become Certified For CISSP Please Visit This Link;