O'Reilly logo

CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide by Dawn Dunkerley, Bobby E. Rogers

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 8

Designing and Implementing Controls

In this chapter, you will:

•  Learn business perspectives of information controls

•  Examine the information system security engineering process and its relationship to control design and implementation

•  Review effective control design principles

•  Learn about information categorization and how it affects control selection

•  Learn about implementing information controls

In Chapter 7 we covered the basics of controls, and in previous chapters we’ve discussed how to assess controls as part of the overall risk assessment process, but we haven’t yet covered the finer points of how controls are designed and implemented. In this chapter, we’ll discuss controls from the design and implementation perspectives. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required