The ISO 27001 Audit

There was a lot of stuff in the Security and Risk Management domain of the CISSP that I would never even think about in my past job(s) as a systems administrator. None of my previous employers ever mentioned anything about following ISO standards or operating under some “risk management framework”. What was a framework anyway? It was frustrating to read about risk management without any real experience. I was sure that if the CISSP exam had any questions pertaining to risk, I'd get them wrong. It wasn’t until working for a security firm, and studying for the CISSP, that things started to make sense.
Read More
  • 1
  • 2