Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Certified Information Security Manager Exam Prep Guide

You're reading from   Certified Information Security Manager Exam Prep Guide Aligned with the latest edition of the CISM Review Manual to help you pass the exam with confidence

Arrow left icon
Product type Paperback
Published in Nov 2021
Publisher Packt
ISBN-13 9781801074100
Length 616 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Hemang Doshi Hemang Doshi
Author Profile Icon Hemang Doshi
Hemang Doshi
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Information Security Governance
2. Chapter 1: Information Security Governance FREE CHAPTER 3. Chapter 2: Practical Aspects of Information Security Governance 4. Section 2: Information Risk Management
5. Chapter 3: Overview of Information Risk Management 6. Chapter 4: Practical Aspects of Information Risk Management 7. Chapter 5: Procedural Aspects of Information Risk Management 8. Section 3: Information Security Program Development Management
9. Chapter 6: Overview of Information Security Program Development Management 10. Chapter 7: Information Security Infrastructure and Architecture 11. Chapter 8: Practical Aspects of Information Security Program Development Management 12. Chapter 9: Information Security Monitoring Tools and Techniques 13. Section 4: Information Security Incident Management
14. Chapter 10: Overview of Information Security Incident Manager 15. Chapter 11: Practical Aspects of Information Security Incident Management 16. Other Books You May Enjoy

Risk management integration with the process life cycle

The security manager should understand that risk management activities are not one-time events. Risk management is a continuous process. For effective risk management, activities related to risk management should be integrated with the process life cycle.

System development life cycle

The security manager should be aware of the following system development life cycle (SDLC) phases:

Table 4.5 – Phases of the SDLC

The security manager should be involved in all the preceding phases of the SDLC and the security requirements should be integrated into all SDLC phases. Performing risk assessments at each stage of the SDLC is the most cost-effective way to address any flaws early.

The following aspects need to be addressed during the risk assessment of the project:

  • What level of confidentiality is required for the system?
  • What level of availability is required for the system?
  • ...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime