The Ultimate Goal: To Manage Information Security Governance and Risk Management

Presented by

James D. Reeves, CISSP

About this talk

This Common Body of Knowledge Workshop is one where “the rubber meets the road.” In this workshop we will discuss the means for managing security for information assets with policy, standards, procedures and guidelines, and the means for assessing and, where necessary, mitigating the risk to your organization’s information assets.

The Information Security Governance and Risk Management domain entails the identification of an organization’s information assets and the development, documentation, implementation and updating of policies, standards, procedures and guidelines that ensure confidentiality, integrity, and availability. Management tools such as data classification, risk assessment, and risk analysis are used to identify threats, clarify assets, and rate their vulnerabilities so that effective security measures and controls can be implemented.

The Cyber Security certification candidate needs to understand security planning, including identifying and securing an organization’s information assets; the development and use of security policies; security training; the importance of confidentiality and of proprietary and private information; third-party management and service level agreements related to information security; employment agreements and employee hiring and termination practices; and risk management practices and tools to identify, rate, and reduce the risk to specific information resources.

The Information Security Careers Network is the largest group on LinkedIn dedicated to helping people further their careers in IT & Information Security. Due to our partnerships, we are able to offer discounts on some of the most popular security certifications and training courses, including CEH, CISSP, CCISO, and more. This BrightTALK channel is an extension of the group and the ISCN website, featuring webinars, presentations and resources from some of the leading names in Information and IT Security to help you develop your knowledge and get the job you're after.

Key areas: InfoSec, Risk, Cyber security, Identity & Access Management (IDM / IDAM), PCI / PA DSS QSA, Governance, Policy, ISO 27001 / ISO27001, CISSP, CCNA, C|CISO, CISM, CEH, CLAS, HMG, JSP440, JSP480, Network Intrusion Detection & Prevention (NIDS / IDS / IPS), Data Privacy & Protection, DLP, Data Loss / Leakage Prevention, Encryption, Cryptography, PKI, Penetration Testing, Ethical Hacking, Firewalls (Cisco, Checkpoint, Juniper, etc.), ITIL, HIPAA, and more.