Information Security Governance & Risk Management (part 1)

Welcome to the first Chapter in the CISSP course by Cybrary. This chapter is a conceptual but in depth examination of Information Security Governance & Risk Management. You’ll come away with a sound foundational understanding of the principles of Governance and Risk Management, how to incorporate those principles into all your decision-making processes. You’ll learn about the fundamental of security, what a security blueprint is and how security policies, procedures, stands and guidelines should be established for security in its own right as well as be incorporated into organizational policies, procedures, stands and guidelines, and why those should be living instruments not static ones. We’ll discuss in depth types of attacks security professional must combat, but we’ll focus more on aged attacks like Smurfing rather than newer events such as the Target hack. Why, because you must know and understand the original exploits in order to know and understand why we have the standard best practices we current employ. So looking at where and how they originated empower CISSPs and Ethical Hackers to then craft new best practices policies and develop more timely preventative and cost-effective countermeasures. Our Information Security Governance & Risk Management discussion also refocuses the discussion on roles and responsibilities, what the CISSPs role and responsibility is as a security adviser. Then we’ll touch on vendor service level agreements (SLAs) and their responsibility for up time. And finally we look at data classification in terms of what is classified, how its classified, who establishes that criteria and what the classification says about that data. And we’ll round out with a review on the purpose and definition of Certification, Accreditation and Auditing as well as Knowledge Transfer –- training security professionals.
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?