Scribd Logo
Upload

Welcome to Scribd!

  • Due Care Vs Due Diligence

    Uploaded by

    alok
    16 views4 pages

    Original Title

    Due Care vs Due Diligence

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    16 views4 pages

    Due Care Vs Due Diligence

    Uploaded by

    alok

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    5/15/2021 Due Care vs Due Diligence

    y Notes and Theory Home Membership Videos Study Resources Crack the CISSP Blog About Search Site
    Members Portal

    STUDY RESOURCES
    Due Care vs Due Diligence CISSP PROCESS
    PDF NOTES

    FAIL THE EXAM?


    WHAT TO DO NEXT.

    CISSP VIDEOS

    "How To Think Like A Manager


    for the CISSP Exam" 
     
    Now available on Amazon
    One of the most common questions I get is:
    $9.99 Kindle/$17.99 Paperback
    As an Amazon Associate I earn f rom qualifying purchases.

    "Luke, can you please explain the difference between due care and NEW CISSP CAT EXAM
    diligence with real-world examples?"
    APRIL CISSP CHANGES

    Yes, please see below.


    20 TIPS FOR
    PASSING THE CISSP
    Due Care & Diligence Concepts
    Due care is about correcting something immediately. The first CISSP MINDMAPS
    letter of the two words even help to remember this, DC = do
    CLICK FOR MORE
    correct.
    Due diligence takes longer than just fixing something
    immediately, it is more the investigation as to why that
    MEMBERSHIP
    something had to be corrected in the first place. It is about
    231+ CISSP VIDEOS
    detecting the reason behind either an incident, event, or
    breach etc. etc. The first two letters help to remember this, 725+ PRACTICE
    DD, do detect. QUESTIONS
    PDF NOTES
    Due care is a way to implement something right away in order
    1,300 FLASHCARDS
    to perform mitigation procedures.
    TELEGRAM GROUP
    Due diligence is making sure the right thing was done
    MONTHLY
    correctly, and if it is necessary to do it again or if further
    research is required. EMAIL UPDATES
    $29.99 per month
    Due care is doing the right thing, the prudent man rule. $74.99 3-months
    $144.99 6-months

    https://www.studynotesandtheory.com/single-post/due-care-vs-due-diligence#:~:text=Due diligence is making sure,thing%2C the prudent man rule.&te… 1/4


    5/15/2021 Due Care vs Due Diligence

    Due diligence is making sure the steps to do the right thing are BECOME A MEMBER
    correct and within risk parameters, the experienced man rule.

    CRACK THE EXAM


    In order to perform due care, the organization must first
    perform due diligence. Due diligence comes before due care
    and is a management process used to gather facts before
    making a decision.

    The implementation of controls is due care, and verification of


    those controls being implemented is due diligence. How Andy B. Cracked
    His CISSP Exam
    Due diligence is knowing and due care is doing.

    Due care is an action which should most likely be taken, due


    CLICK FOR MORE
    diligence can be an action that may not be necessary but is the
    best thing to do for long-term goals.
    LEARN ABOUT:
    The word "care" is a shorter word than "diligence", so due TCP HANDSHAKE
    care is the short-term action, and due diligence is the long-
    term action. CLARK-WILSON MODEL

    WHY THE CISSP


    Due care (bottom to top) starts from the bottom of security
    IS WORTH IT
    governance like security operations, and due diligence starts
    from the top (top to bottom) like senior management COVERT TIMING
    CHANNEL DEMO

    IoT CORE
    Real-World Examples CONCEPTS
    Using a condom is due care, taking the steps to decide
    NIST DOCUMENTS
    whether to use the condom is due diligence.

    DIGITAL SIGNATURES
    Issuing policies, standards, baselines, and procedures are part
    of due diligence. Applying these types of documents is due
    DEFENSE IN DEPTH
    care.

    REAL LIFE MTBF


    Installing patches to mitigate the latest CVE is due care,
    understanding the reason for the CVE and making sure it has OSI MODEL
    been fully understood is due diligence.

    DUE CARE VS DUE


    DILIGENCE
    Performing an annual security audit is due diligence, but taking
    the corrective action from the results of an audit is due care.
    MTD, RPO, RTO, WRT

    Monitoring the network for malicious activity is due care, while


    implementing a policy from senior management for such
    activity is due diligence.

    Due care is making sure you provide security training and


    practice sound security practices at your company. Examples
    of which include putting up posters that say you must lock your

    https://www.studynotesandtheory.com/single-post/due-care-vs-due-diligence#:~:text=Due diligence is making sure,thing%2C the prudent man rule.&te… 2/4


    5/15/2021 Due Care vs Due Diligence

    computer, or making sure employees know where to find


    documents for proper security procedures, or locking your
    drawers. Due diligence is setting up the proper framework,
    like ISO 27001 and having audits to make sure all those little
    steps you're making sure to do in due care, is done properly.
    Due diligence is the broader form of due care.

    Due care is bringing back online a web server which went


    down in the middle of business hours. Due diligence is finding
    out why the web server went down and making sure controls
    are put into place to make sure it doesn't happen again in the
    same manner.

    An outdated BYOD policy is a violation of due diligence,


    encrypting devices which belong to the employee holding
    company information is due care.

    Conducting a penetration test is due diligence, and


    implementing the controls to mitigate the risks found as a
    result is due care.

    Research of the network security infrastructure of your


    organization is due diligence, while installing and configuring
    firewalls, routers, servers, switches, and access points is due
    care.

    When engaging with third-party vendors or suppliers,


    researching and understanding legal responsibilities,
    formulation of integrating two environments, conducting SLA
    negotiations, or ensuring a transition of power, is due
    diligence. Executing the engagement with the third-party
    vendor or supplier is due care.

    Installing anti-virus software before deploying a device is due


    care, ensuring anti-virus software is up-to-date and monitoring
    in real-time is due diligence.

    Configuring an IPSec VPN, access-control list, network address


    translation policies on a firewall is due care. A proper change
    management process to track and account for those changes is
    due diligence.

    Putting up sandbags in preparation for a hurricane is due care.


    Tracking the weather and seeing the trajectory of a hurricane
    would be due diligence.

    Visiting a doctor when you're sick and taking medication is due


    care. Maintaining a healthy eating habit and a proper exercise
    regimen is due diligence.

    https://www.studynotesandtheory.com/single-post/due-care-vs-due-diligence#:~:text=Due diligence is making sure,thing%2C the prudent man rule.&te… 3/4


    5/15/2021 Due Care vs Due Diligence

    Studying your CISSP books, study resources, taking over 5,000


    practice questions, reading NIST documents, watching videos,
    reading as much as you can about the CISSP Common Body of
    Knowledge, or becoming a member of this site, is practice
    proper due diligence. Taking your CISSP exam is due care,
    whether you pass it or not.

    Cheers.

    Tags:

    due care due diligence cissp cissp pdf

    Security and Risk Management

    © 2021 Study Notes and Theory Proudly created to make you


    Terms and Conditions/Privacy Policy a better security professional.

    https://www.studynotesandtheory.com/single-post/due-care-vs-due-diligence#:~:text=Due diligence is making sure,thing%2C the prudent man rule.&te… 4/4

    You might also like