Professional Documents
Culture Documents
Topic 1 Risk
Why a risk oriented approach?
Using risk based approach to cybersecurity allows informed decision -making, better
protection, and effective application of bdgets and resources.
Understanding likelihood
-Measures of frequency of event occurrence
Topic 3
Poicies and procedures
-Specify requirements
-Define the rolse and responsibilities within the organization
-Outline
Policy lifecycle
Create
Approved
Review
Update
Compliace document
-Policies : Communicate required and prohibted acitvities and behaviors
-Standards : Interpret policies in specific situatuins
-Procedures : Provide details on how to comply with policies and standards
-Guidelines : Proovide general guidance on issues such as "what to do in particular
circumstances" There are not requierements to be met, but are strongly recomended.