Security management embodies the administrative and procedural activities designed to secure corporate assets and information companywide. Fundamentally, information security assurance is a business issue that must be addressed in the context of the enterprise business framework.
About CISSP Essentials
Discover what you need to know to ace the CISSP exam with this series of CISSP certification training lessons. Each lesson, which contains a video, domain spotlight article and a quiz with sample CISSP exam questions, corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.
In this CISSP Essentials Security School lesson, Domain 1, Information Security Governance and Risk Management, expert CISSP exam trainer Shon Harris details how security management facilitates an enterprise's security vision by formalizing the infrastructure, defining the activities, and applying the tools and techniques necessary to control, monitor and coordinate security efforts across an organization.
Before watching the special Domain 1, Information Security Governance and Risk Management video below, it's recommended that students first read the Domain 1 spotlight article, which provides an overview of the concepts presented in the video that constrain responsible security management, and offers strategies as well as specific tools and techniques for evaluating, controlling and implementing security across an enterprise. A special emphasis is placed on fundamental principles of information security, basic security terminology, information security roles and responsibilities and risk management practices.
After watching the video, test your comprehension of this material with our Domain 1, Information Security Governance and Risk Management quiz. Upon completion, return to the CISSP Essentials Security School table of contents to select your next lesson.
About Shon Harris:
Shon Harris is a CISSP, MCSE and President of Logical Security, a firm specializing in security educational and training tools. Logical Security offers curriculum, virtual labs, instructor slides and tools for lease by training companies, security companies, military organizations, government sectors and corporations.
Shon is also a security consultant, an engineer in the Air Force's Information Warfare unit, an entrepreneur and an author. She has authored two best selling CISSP books, including CISSP All-in-One Exam Guide, and was a contributing author to the book Hacker's Challenge. Shon is currently finishing her newest book, Gray Hat Hacking: The Ethical Hacker's Handbook.
CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as ISC(2).