CompTIA Security+ (SY0-601) Cert Prep: 10 Governance, Risk, and Compliance

This course covers what professionals need to know about cybersecurity governance and compliance issues to prepare for the Security+ exam.

Introduction

• Governance, risk, and compliance
• What you need to know
• Study resources

1. Risk Analysis

• Risk assessment
• Quantitative risk assessment
• Risk types
• Information classification

2. Risk Management

• Risk treatment options
• Categorizing security controls
• Ongoing risk management
• Risk management frameworks
• Control frameworks
• Risk visibility and reporting
• Data security roles

3. Supply Chain Risk

• Managing vendor relationships
• Vendor agreeements
• Vendor information management
• Audits and assessments
• Cloud audits

4. Security Policies

• Security policy framework
• Security policies

5. Privacy and Compliance

• Legal and compliance risks
• Data privacy
• Data breaches

6. Privacy Enhancing Technologies

• Data anonymization
• Data obfuscation

7. Security Awareness and Training

• Security education
• User habits
• Separation of duties

Conclusion

• Continuing your studies