原创力文档信息安全治理和风险管理
信息安全治理和风险管理Information Security Governance and Risk ManagementCISSP第六版培训课件之一关键知识领域A. Understand and align security function to goals, mission and objectives of the organization理解安全功能并将其与机构目标、使命和宗旨相结合B. Understand and apply security governance理解并运用安全治理B.1 Organizational processes (e.g., acquisitions, divestitures, governance committees)组织过程(如收购、分拆、治理委员会)B.2 Security roles and responsibilities安全角色与职责B.3 Legislative and regulatory compliance法律和监管的合规B.4 Privacy requirements compliance隐私要求的合规B.5 Control frameworks控制框架B.6 Due care尽职关注B.7 Due diligence尽职调查关键知识领域C. Understand and apply concepts of con
文档评论(0)