This first chapter in your adventure of preparing for the CISSP exam is first for a good reason. It describes how an organization would begin to address the prudent management of a business (enterprise, organization, department, or agency). This chapter describes the foundational components management must have in place to understand the nature of the business it controls, the risks it faces and their severity, and then how to assemble a framework of controls to manage those risks prudently to minimize and avoid unnecessary losses and maximize profits.
Exam objectives in this chapter:
3.1 Understand and align security function to goals, mission and objectives of the organization
3.2 Understand ...