Security Governance Concepts, Principles, and Policies
THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE:
3. Information Security Governance and Risk Management
A. Understand and align security function to goals, mission, and objectives of the organization.
B. Understand and apply security governance.
B.1 Organizational processes (e.g., acquisitions, divestitures, governance committees)
B.2 Security roles and responsibilities
B.3 Legislative and regulatory compliance
B.4 Privacy requirements compliance
B.5 Control frameworks
B.6 Due care
B.7 Due diligence
C. Understand and apply concepts of confidentiality, integrity, and availability.
D. Develop and implement security policy.
D.1 Security policies
D.3 Procedures ...