CISSP Training Kit by David R. Miller

Chapter summary

  • The prudent management of an enterprise is the responsibility of senior management. Human safety is always the highest priority. Ethical standards must be included within the framework of governance. Management must be the consistent enforcer of policy.

  • The security program must support the (typically revenue-generating) needs of the business. Maximize profits and avoid losses by cost-justifying all countermeasures. Protect the confidentiality, integrity, and availability of the valuable assets of the organization.

  • Vulnerabilities and matching threats produce risk. Risk is quantified by its likelihood and its impact on the asset. Mitigate risk, transfer risk, and avoid risk until the level of residual risk is acceptable (risk acceptance). ...
