ABSTRACT

Building and Implementing a Security Certification and Accreditation Program: Official (ISC)² Guide to the CAP CBK demonstrates the practicality and effectiveness of certification and accreditation (C&A) as a risk management methodology for IT systems in both public and private organizations. It provides security professiona

Section I: Building a Successful Enterprise Certification and Accreditation Program (2 pages)

Section II: Certification and Accreditation Processes (2 pages)

Chapter 6: System Inventory Process (13 pages)

Chapter 7: Assessing Data Sensitivity and Criticality (11 pages)

Chapter 8: System Security Plans (11 pages)

Chapter 11: Assessing Risk (12 pages)

Chapter 12: Security Procedures (8 pages)

Chapter 13: Certification Testing (12 pages)

Chapter 14: Remediation Planning (10 pages)

Chapter 16: Documenting the Accreditation Decision (8 pages)

Section V: Appendices (1 page)

Appendix B: Glossary (8 pages)

Appendix C: Sample Statement of Work (7 pages)

Appendix D: Sample Project Work Plan (2 pages)

Appendix O: Sample Security Procedure (3 pages)