Security governance is a framework that allows for the security goals of an organization to be set and expressed by senior management, communicated throughout the different levels of the organization.express
Metrics
ISO/IEC 27004:2009 is used to assess the effectiveness of an ISMS and the controls that make up the security program as outlined in ISO/IEC 27001.安全
The NIST SP 800-55, Revision 1 also covers performance measuring for information security, but has a U.S. government slant.spa
剩余内容请看本人公众号debugeeker, 连接为CISSP考试指南笔记:1.18 安全治理.net
本文同步分享在 博客“debugeeker”(CSDN)。
若有侵权,请联系 support@oschina.cn 删除。
本文参与“OSC源创计划”,欢迎正在阅读的你也加入,一块儿分享。debug