Security & Risk Management
The “Security and Risk Management” domain of the Certified Information Systems Security Professional (CISSP)® Common Body of Knowledge (CBK)® addresses the framework and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets and to assess the effectiveness of that protection. It includes issues of governance, organizational behavior, and security awareness.
Information security management establishes the foundation of a comprehensive and proactive security program to ensure the protection of an organization’s information assets. Today’s ...