Security Governance and Compliance

Security Governance

Corporate Governance

Governance, Risk, and Compliance Programs

Information Security Governance

Types of Governance Structures

Understanding Policy Documents

Policies

Standards

Procedures

Guidelines

Exceptions and Compensating Controls

Monitoring and Revision

Change Management

Change Management Processes and Controls

Version Control

Documentation

Personnel Management

Least Privilege

Separation of Duties

Job Rotation and Mandatory Vacations

Clean Desk Space

Onboarding and Offboarding

Nondisclosure Agreements

Social Media

Third-Party Risk Management

Vendor Selection

Vendor Assessment

Vendor Agreements

Vendor Monitoring

Winding Down Vendor Relationships

Complying with Laws and Regulations

Common Compliance Requirements

Compliance Reporting

Consequences of Noncompliance

Compliance Monitoring

Adopting Standard Frameworks

NIST Cybersecurity Framework

NIST Risk Management Framework

ISO Standards

Benchmarks and Secure Configuration Guides

Security Awareness and Training

User Training

Ongoing Awareness Efforts