课程: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

免费学习该课程!

今天就开通帐号,24,600 门业界名师课程任您挑!

Control and risk frameworks

Control and risk frameworks

- [Instructor] Security professionals have a wide variety of responsibilities, and typically oversee the design, implementation, and management of many different controls that protect confidentiality, integrity, and availability. It's important to make sure that these controls provide adequate levels of protection and cover many different risks. Now, it's quite a challenge to build a comprehensive security program, but fortunately, security professionals in an organization don't have to start with a blank piece of paper when they design their security program. They can use security control and risk frameworks to help ensure that they're covering all the bases and building controls that protect the organization against many foreseeable risks. There are many different control frameworks covering information security. Let's take a look at a few of the most common ones. The control objectives for information technology, or COBIT, is a security control framework developed by the…

内容