Security governance is a framework that allows for the security goals of an organization to be set and expressed by senior management, communicated throughout the different levels of the organization.express
Metrics
ISO/IEC 27004:2009 is used to assess the effectiveness of an ISMS and the controls that make up the security program as outlined in ISO/IEC 27001.安全
The NIST SP 800-55, Revision 1 also covers performance measuring for information security, but has a U.S. government slant.spa
剩餘內容請看本人公衆號debugeeker, 連接爲CISSP考試指南筆記:1.18 安全治理.net
本文同步分享在 博客「debugeeker」(CSDN)。
若有侵權,請聯繫 support@oschina.cn 刪除。
本文參與「OSC源創計劃」,歡迎正在閱讀的你也加入,一塊兒分享。debug