Security without Obscurity by W. Clay Epstein, Jeff Stapleton

Chapter 9

PKI Governance, Risk, and Compliance

Governance, risk, and compliance (GRC) are three areas of information security used across many industries and organizations. GRC is often considered a discipline to synchronize security policies and practices across an organization’s lines of business (LOBs). In this chapter, we look at GRC components as they relate to public key infrastructure, including organizational structures, audits, and risks.

9.1 PKI Governance

Throughout the book, we have discussed various standards organizations such as the American National Standards Institute (ANSI) and the International Organization for Standardization (ISO), accreditation bodies such as the National Institute of Standards and Technology (NIST) for algorithms ...
