CHAPTER 5

Information Security Program Development

This domain includes questions from the following topics:

•  Resources and outcomes related to information security programs

•  Asset, system, data, facilities, and personnel classification

•  Control and security management framework development

•  Policies, standards, guidelines, procedures, and requirements

•  Metrics that tell the security management and operations story

This chapter covers Certified Information Security Manager (CISM) domain 3, “Information Security Program,” part A, “Information Security Program Development.” The entire Information Security Program domain represents 33 percent of the CISM examination.

Supporting Tasks in the CISM job practice that align with the Information ...

Get CISM Certified Information Security Manager Practice Exams, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.