The following video is from the Official (ISC)² CISSP OnDemand Training.
Unlike other parts of IT, the concept of "set it and forget it" is completely incompatible with information security requirements. After determining the ownership of data and under what conditions it should be accessed, infosec pros must continually ensure that its integrity, confidentiality and proper use is maintained.
Ongoing data audits, overlapping controls and thoughtful documentation are among the many tools CISSPs should call upon to promote good data management, explains Adam Gordon, lead editor of the Official (ISC)² Guide to the CBK, Fourth Edition, in this video.
CISSP® is a registered mark of (ISC)² Inc.
The following is a full transcript of Adam Gordon's video.