Chapter 3
Security and Risk Management
IN THIS CHAPTER
Applying, promoting, and sustaining professional ethics and security governance principles
Viewing holistically the legal, regulatory, and compliance issues around information security
Developing, implementing, and enforcing security policies, standards, procedures, and guidelines
Assessing, prioritizing, and implementing business continuity (BC) requirements
Applying risk management and threat modeling concepts and methodologies
Applying supply chain risk management (SCRM) concepts
The Security and Risk Management domain addresses many fundamental security concepts and principles, as well as compliance, ethics, governance, security policies and procedures, business continuity planning, risk management, and security education, training, and awareness. This domain represents 16 percent of the CISSP certification exam and is composed ...
From CISSP For Dummies, 8th Edition (O’Reilly).