1.2. Security Governance and Risk Management Principles:
- Governance frameworks such as COBIT (Control Objectives for Information and Related Technologies) and ITIL (Information Technology Infrastructure Library).
- Risk management fundamentals:
  - Risk assessment methodologies (e.g., quantitative vs. qualitative risk analysis).
  - Risk mitigation strategies (e.g., risk acceptance, risk avoidance, risk transference, risk mitigation).
  - Risk management lifecycle.
- Roles and responsibilities of stakeholders in information security governance.
- Security policies, standards, guidelines, and procedures.
- Compliance frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework, GDPR).
products/ict/security/cissp/security_governance_and_risk_management_principles.txt · Last modified: 2024/04/20 13:40 by wikiadmin