Information Security and Risk Management

Previous page
Table of content
Next page

The Information Security and Risk Management domain encompasses the following topics:

  • Security management: The identification of an organization’s information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability.

  • Risk management: The identification, measurement, control, and minimization of loss associated with uncertain events or risks, including overall security review, risk analysis, selection and evaluation of safeguards, cost-benefit analysis, management decision, safeguard implementation, and effectiveness review.

This domain is covered in Chapter 6. Major topics include

  • Security management concepts and principles

  • Change control and change management

  • Information and data classification

  • Employment policies and practices

  • Policies, standards, guidelines, and procedures

  • Individual roles and responsibilities

  • Security awareness training

  • Security management planning



Previous page
Table of content
Next page
CISSP For Dummies
CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
Authors: Lawrence C. Miller, Peter H. Gregory CISA CISSP
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Project Management JumpStart
High-Speed Signal Propagation[c] Advanced Black Magic
SQL Tips & Techniques (Miscellaneous)
FileMaker Pro 8: The Missing Manual
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy