Chapter 4
Governance and Risk Management
Chapter Objectives
After reading this chapter and completing the exercises, you will be able to do the following:
Define governance.
Explain cybersecurity governance and NIST’s Cybersecurity Framework.
Explain the importance of strategic alignment.
Know how to manage cybersecurity policies.
Describe cybersecurity-related roles and responsibilities.
Identify the components of risk management.
Create policies related to cybersecurity policy, governance, and risk management.
NIST’s Cybersecurity Framework provides guidelines around the governance structure necessary to implement and manage cybersecurity policy operations, risk management, and incident handling across and outside of the organization. The ...
Get Developing Cybersecurity Programs and Policies, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.