CHAPTER 21
The Importance of Frameworks, Policies, Procedures, and Controls
This chapter includes questions on the following topics:
• Common information security management frameworks
• Common policies and procedures
• Considerations in choosing controls
• How to verify and validate compliance
Here are some key findings from a 2016 survey of 319 IT security decision makers:
– 80% use a security framework, but only 44% have done so for more than 12 months.
– 95% saw benefits from framework adoption; some quickly, but others took time.
– 95% faced organizational and technological impediments with framework implementation.
– Dimensional Research (sponsored by Center for Internet Security and Tenable Network Security)
A framework is a ...
Get CompTIA CySA+ Cybersecurity Analyst Certification Practice Exams (Exam CS0-002), 2nd Edition now with the O’Reilly learning platform.