Domain 1

Security & Risk Management

The “Security and Risk Management” domain of the Certified Information Systems Security Professional (CISSP)® Common Body of Knowledge (CBK)® addresses the framework and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets and to assess the effectiveness of that protection. It includes issues of governance, organizational behavior, and security awareness.

Information security management establishes the foundation of a comprehensive and proactive security program to ensure the protection of an organization’s information assets. Today’s ...

Get Official (ISC)2 Guide to the CISSP CBK, 4th Edition now with O’Reilly online learning.
