SY0-701 - CompTIA Security+: Effective Security Governance






According to Gartner: "Security governance is a process for overseeing the cybersecurity teams who are responsible for mitigating business risks. Security governance leaders make the decisions that allow risks to be prioritized so that security efforts are focused on business priorities rather than their own." In this course, you will further define security governance and types of governance structures. Then you will discover security governance roles and responsibilities, such as owners, stewards, and officers, and external governance considerations. Next, you will explore guidance, best practices, standards, and policies like the software development life cycle (SDLC) and change management. Finally, you will investigate security governance procedures, including playbooks, monitoring, and revision. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.





SY0-701 - CompTIA Security+: Effective Security Governance

  • define security governance
  • compare types of governance structures like boards, committees, government entities, and centralized/decentralized structures
  • define roles and responsibilities such as owners, controllers, processors, custodians, stewards, and officers
  • describe external governance considerations like regulatory, legal, industry, local/regional, national, and global
  • provide an overview of various organizations that specialize in security guidelines, standards, and best practices
  • define standards such as password, access control, and encryption; and policies like acceptable use policy (AUP), information security, business continuity, and change management
  • describe security governance procedures, including playbooks, monitoring, and revision

  • it_cssecp23_17_enus