O'Reilly logo

CISSP in 21 Days by M. L. Srinivasan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3. Day 2: Information Security and Risk Management

Yesterday we focused on the important concepts in information security areas such as Security Management Practices, Control Environment, and Asset Classification and Control.

Today we'll move on and discuss the importance of security awareness and training in information security. We'll look at recommendations from various standards including NIST's recommendations for establishing, administering, and maintaining a suitable security awareness and training program; training-related best practices as prescribed in ISO/IEC 27002. We'll also discuss various important concepts in risk assessment and management practice that can be considered as the backbone of information security.

Security awareness ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required