CHAPTER 2

Information Security Controls, Compliance, and Audit Management

This chapter discusses the following topics:

•  Information security controls

•  Information security control life cycle frameworks

•  Information security control life cycle

•  Exploring information security control frameworks

•  Auditing for the CISO

Chapter 1 introduced the concept of risk management, in which an organization performs a risk analysis of the entire enterprise to understand each asset’s importance to the business. An asset is an information system, a facility, data, or any component (hardware, software, or data) used to support operations. This chapter explores how an organization goes about selecting and auditing security controls for a given ...
