Category: CISSP
-
Information Security Policy
Introduction This is a detailed information security policy for your organization. Goal The goal of this policy is to protect the organization’s information assets by establishing a framework for protecting information, including physical and logical controls. This policy will help you: Scope The scope of this policy is to ensure the protection of information and…
-
Business Recovery Processes
Introduction Business recovery is the process of bringing your business back online in the aftermath of a disaster. Disaster recovery can happen quickly, but it usually takes longer than expected. It’s important to have a plan in place to recover from any disruption so that you can continue operating with minimum disruption and maximum efficiency.…
-
Evaluation of Risk – Transfer Risk
Introduction Risk transfer is the process by which a company moves its financial responsibility to another party. The transferring entity and receiving party must enter into a contract specifying the transfer terms, including what risks will be transferred, how much they will cost, and what types of incidents will trigger coverage. Risk-transfer contracts are often…
-
How I passed CISSP certification
I passed the CISSP certification exam on my first attempt. I had been studying for the test for three months before taking it and realized I needed additional support to prepare. That’s when I stumbled upon Luke Ahmed, CISSP, and discovered his online course. The course was designed to give me the theoretical knowledge necessary to pass…
Governance Risk and Compliance 