October 2022
Intermediate to advanced
398 pages
14h 14m
English
A gap analysis means comparing and contrasting the “as is” to the “to be.” For security controls, this involves comparing the present state of controls with a desired state of controls. Well-known frameworks help organizations set up a desired state. This process also helps better manage operational risk. This includes adherence to regulatory and industry requirements to protect sensitive systems and information as well as privacy data.
At a minimum, common baseline security controls should be in place. Any gaps to the following types of controls should be clearly documented:
Information security policies—This provides direction for the entire organization regarding goals, risks, and applicable ...
Read now
Unlock full access