1.3 ~40 min
Evaluate and apply security governance principles
Overview
Security must align to business strategy, goals, mission, and objectives. Know the major control frameworks and the difference between due care (doing the right thing) and due diligence (researching/verifying it).
Key topics to master
- Alignment of security to business strategy/goals/mission
- Organizational processes (acquisitions, divestitures, governance committees)
- Organizational roles and responsibilities
- Frameworks: ISO, NIST, COBIT, SABSA, PCI, FedRAMP
- Due care / due diligence