SECURITY OPERATIONS AND ADMINISTRATION entails the identification of an organization's information assets and the documentation required for the implementations of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability. Working with management information owners, custodians, and users, the appropriate data classification scheme is defined for proper handling of both hardcopy and electronic information.
The following topics are addressed in this chapter:
- Understand and comply with Codes of Ethics
- (ISC)2 code of ethics
- Organizational code of ethics
- Understand security concepts
- Least privilege ...