Chapter 2

Risk, Security, and Assurance

Abstract

The general principles of risk, security, and assurance are discussed. Criteria for actual system assurance are introduced and defined. Risk management, risk assessments, and security controls are all defined.

Keywords

risk management framework
risk assessment
security control

The US government has long maintained the need and the requirement to evaluate the IT systems operating on its networks and backbones and to ascertain that they were as secure as possible. Over the past 25 years, various organizations within the federal government have developed and operated under multiple methodologies to provide assurance to managers and executives that the IT systems were safe, secure, and trustworthy. ...
