CISSP Essentials

CISSP Essentials: Domain 1, Information Security Governance and Risk Management

In this CISSP Essential Security School lesson, learn about security management practices for securing information and assets.

Security management embodies the administrative and procedural activities designed to secure corporate assets and information company-wide. Fundamentally, information security assurance is a business issue that must be addressed in the context of the enterprise business framework.

In this CISSP Essentials Security School lesson, Domain 1, Information Security Governance and Risk Management, expert CISSP exam trainer Shon Harris details how security management facilitates an enterprise's security vision by formalizing the infrastructure, defining the activities, and applying the tools and techniques necessary to control, monitor and coordinate security efforts across an organization.

Domain 1 spotlight article

This lesson begins with a special Domain 1 spotlight article, which reflects the significant change this domain has undergone in recent years. Learn about strategies, tools and techniques used for . Specific areas of emphasis include information security management systems, enterprise architecture frameworks, security control objectives, process improvement models, risk management, and finally security metric systems.

Domain 1 training video: The AIC triad, ISMS, ISO 27000 series

After reading the spotlight article, watch the first of three Domain 1 training videos, which introduces three critical concepts of the Information Security Governance and Risk Management domain: the AIC triad, information security management systems (ISMS) and the ISO 27000 series of standards.

Domain 1 training video: Security enterprise architecture

Next watch the second of our three Domain 1 training videos, which details enterprise architectures and their importance to a holistic approach to enterprise security. Among other topics, this video covers how the enterprise architecture is the tool that gives insight into not only how an organization works internally, but also how it interacts with external elements, as well as how an information security management system and an enterprise security architecture integrate to create governance.

Domain 1 training video: Control objectives, risk management and analysis

In the third of our three Domain 1 training videos, learn about control objectives, process improvement models, metrics, and risk management and analysis techniques. Specific points of emphasis include key standards for tracking information security program performance, three of the major process management models, and risk analysis standards and approaches.

Domain 1 quiz: Information security governance and risk management

Finally, after reading the spotlight article and watching the three videos, test your comprehension of this material with our Domain 1, Information Security Governance and Risk Management quiz.

About CISSP Essentials

SearchSecurity's CISSP Essentials series of CISSP certification training lessons offers a comprehensive introduction to not only the CISSP exam, but also the knowledge needed to succeed in the information security profession. Each lesson, which contains a spotlight article, one or more video lectures and a practice quiz, corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.

CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as ISC(2).

Next Steps

NEXT after completing this lesson, proceed to Domain 2: Access Control.

RETURN to SearchSecurity's CISSP Essentials Security School main page.

This was last published in September 2014

Join the conversation

6 comments

There is no video attached to watch.

Great lesson and video, very simple examples and directions! However, I wasn't able to read most of the small font slides, e.g. the security road map. Can we download the slides?

Very useful but was not able to see the slides very clearly. Can we see these elsewhere?

Sharon, you're an amazing teacher!!! Would be nice to download ppt

Where is the video?

Video not available, not loading.
