
Safety and Security: Learn CISSP Domains for Project Managers


Based on extensive related hands-on practical experience, this course provides you with the skills and knowledge needed for effective and efficient Project Management of the safety and security operations that provide valuable solutions for business and IT.
The “Learn CISSP Safety and Security Domains for Project Managers” course is authored by Chuck Morrison, MBA, PMP, who has over 25 years of Program Management and Business Architecture experience in Silicon Valley, California. He has also authored and published Udemy professional training courses and Amazon Kindle books, including: Learn to Transform Requirements into UML Use Cases, Learn to Analyze Business Application Issues Root Causes, Learn Agile SCRUM Development for Project Managers, Learn How the Project Management Office (PMO) Operate, Learn CISSP Safety and Security Domains for Project Managers …
Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Information security, computer security and information assurance are concepts frequently used interchangeably. The concepts are interrelated and share critical information protection goals: Confidentiality, Integrity, and Availability (CIA).
The key to business and IT security and protection is due diligence through user account management; activity tracking, monitoring, and control; and access rights/permission management.
All affected stakeholders, including sponsors, subject matter experts, and other resources, must be involved in the collaborative development of a viable solution based on Safety and Security operations and processes for any executive decisions. This requires the leadership, skills, and knowledge of experienced analysts and architects capable of supporting an effective business solution needed to return business systems to proper operation.
Critical processes emphasized during this course are collaboration, listening, analysis, and modeling techniques needed for effective and efficient system operations solutions. This course helps you develop the skills and knowledge needed to support effective solutions and decisions regardless of your role.
If you find my course useful, please consider leaving a review and rating. Your review is much appreciated. You can go directly to the review page for this course then click and enter your review and rating.
Thank You and Best Regards,
Chuck Morrison, MBA, PMP

Published in: Business

Safety and Security: Learn CISSP Domains for Project Managers

  1. Learn CISSP Safety and Security Domains for Project Managers … Interrelated Information security, computer security and information assurance CIA concepts protection goals. Chuck Morrison, MBA, PMP, CPIM, WWISA
  2. A working model using mission-driven measures in a team approach enables focus on effective solutions
  3. Course Goals • Understand Confidentiality, Integrity, and Availability (CIA) concepts and relationships • Overview key principles and objectives of CISSP domains • Apply concepts of safety and security to portfolio, program, and project management • Project Management consulting and mentoring on methodology, and dealing with security and risk management • Apply safety and security concepts to assets, SDLC security, Communications & Networks security • Understand and apply concepts related to identity and access management • Understand and apply concepts related to security assessment and testing and security operations • Apply Personally Identifiable Information (PII), Payment Card Industry Data Security Standard (DSS/PCI) concepts
  4. Target Audience Who should take this course? • Subject Matter Experts (SMEs) • Product Owners and Sponsors • Business Process Managers • Business Process Users • Product, Portfolio, Project, and Program Managers • Business Analysts & Architects • Quality Assurance • System & Software Developers
  5. Course Prerequisites • Some technical experience • Ability to collaborate and listen • Capability to capture and define business and technical requirements • Interest in business analysis and information architecture • Ability to collect and organize tasks, activities and resources into diagrams and graphical models
  6. CISSP Domains Overview for Project Managers … Section 1 Goal … Interrelated Information security, computer security and information assurance concepts protection goals: Confidentiality, Integrity, and Availability (CIA).
  7. Welcome • … to my Udemy Training course • Hello, I'm Chuck Morrison • My specialties are: Business Process Engineering, Software Systems Development, Cross-Functional Program and Change Management. • My significant skills and accomplishments include ... • My significant accomplishments also include ...
  8. What Are Safety & Security • CIA • Confidentiality • Integrity • Availability
  9. What Are Safety & Security
  10. • Company’s Business Systems Delivery • Team Support Product & Services for Customers • Undocumented Processes & Procedure • Impact on Time or Resources or Security & Safety • What to Do … Next Steps … Imagine …
  11. Related Quotes • Learn from yesterday, live for today, hope for tomorrow. The important thing is not to stop questioning. – Albert Einstein • Continuous improvement is not about the things you do well — that’s work. Continuous improvement is about removing the things that get in the way of your work. The headaches, the things that slow you down, that’s what continuous improvement is all about. ~Bruce Hamilton • Perfection is not attainable, but if we chase perfection we can catch excellence. -Vince Lombardi • The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency. ~Bill Gates • What gets measured, gets managed. ~Peter Drucker
  12. Why Is Safety and Security Needed? The CISSP© CBK 4Ed consists of the following 8 domains: • Domain 1 — Security & Risk Management • Domain 2 — Asset Security • Domain 3 — Security Engineering • Domain 4 — Communications & Network Security • Domain 5 — Identity & Access Management • Domain 6 — Security Assessment & Testing • Domain 7 — Security Operations • Domain 8 — Security in the Software Development Life Cycle
  13. What’s This Course About? • Information security is the protection of information and information systems from unauthorized access. • The concepts are interrelated and share critical information protection goals: Confidentiality, Integrity, and Availability (CIA) • The key to business and IT security and protection is due diligence
  14. What you get from this course? • Understand Confidentiality, Integrity, and Availability (CIA) concepts and relationships • Overview key principles and objectives of CISSP domains • Apply concepts of safety and security to portfolio, program, and project management • Project Management consulting and mentoring on methodology, and dealing with security and risk management • Apply safety and security concepts to assets, SDLC security, Communications & Networks security • Understand and apply concepts related to identity and access management • Understand and apply concepts related to security assessment and testing and security operations
  15. What are course requirements? • Some technical experience desired. • Ability to collaborate and listen for business wants and needs • Capability to capture and define business and technical requirements • Interest in the fields of business analysis and information architecture • Ability to collect and organize tasks, activities and resources into diagrams and graphical models
  16. Target Audience Who should take this course? • Subject Matter Experts (SMEs) • Product Owners and Sponsors • Business Process Managers • Business Process Users • Product, Portfolio, Project, and Program Managers • Business Analysts & Architects • Quality Assurance • System & Software Developers
  17. Overview Privacy & Information Protection Section 2 Goal … • Understand Confidentiality, Integrity, and Availability (CIA) concepts and relationships • Overview key principles and objectives of CISSP domains • Apply concepts of safety and security to portfolio, program, and project management
  18. Overview of Safety and Security • Information Security – Confidentiality, Integrity, and Availability (CIA) • Confidentiality (Identity, Access, Authorize) • Integrity (Detectability, Consistency) • Availability (when Needed) • Security & Safety • Safety (Danger, Risk, Threat, Impact) • Security (PCI/DSS) & PII
  19. Safety and CISSP Knowledge Domains Relationships BOK v3 & v4 Safety & CISSP Knowledge Domains Relationships • CISSP® CBK v3 consists of ten domains • CISSP® CBK v4 consists of eight domains CISSP BOK V3 Domains CISSP BOK V4 Domains
  20. Domain 1 – Security & Risk Management (Information Security Governance & Risk Management – V3.3)
  21. Domain 2 – Asset Security (Business Continuity and Disaster Recovery – V3.8)
  22. Domain 3 – Security Engineering (Security Architecture and Design, Cryptography, Physical Security – V3.5)
  23. Domain 4 – Communications & Network Security (Business Continuity and Disaster Recovery – V3.2)
  24. Domain 5 – Identity & Access Management (Identity & Access Controls Types – V3.1)
  25. Domain 6 – Security Assessment & Testing (Security Architecture and Design – V3.6)
  26. Domain 7 – Operations Security (Security Operations – V3.7)
  27. Domain 8 – Security in the SDLC (Software Development Security – V3.7)
  28. Domain 0 – Public and Private Safety
  29. Section 3: Security Risk Management Goals: • Understand CIA concepts and relationships • CISSP domains • Portfolio, Program, and Project Management – safety and security concepts • Project Management security and risk consulting and mentoring • Assets, SDLC security, Communications & Networks security • Identity and Access Management • Security assessment and testing • Personally Identifiable Information (PII), Payment Card Industry Data Security Standard (DSS/PCI)
  30. Security Risk Management
  31. Security Management …
  32. Security Risk Management Methodology …
  33. CISSP Process Groups Knowledge Areas …
  34. Conclusion … Section 4 – CISSP Domains Overview for Project Managers – Conclusion
  35. Conclusion … Congratulations!! You’ve made it … You’ve Completed the Course Goals … • Creation and maintenance of standards and methods • Understand Confidentiality, Integrity, and Availability (CIA) concepts and relationships • Overview key principles and objectives of CISSP domains • Apply concepts of safety and security to portfolio, program, and project management • Project Management consulting and mentoring on methodology, and dealing with security and risk management • Apply safety and security concepts to assets, SDLC security, Communications & Networks security • Understand and apply concepts related to identity and access management • Understand and apply concepts related to security assessment and testing and security operations • Apply Personally Identifiable Information (PII), Payment Card Industry Data Security Standard (DSS/PCI) concepts
  36. Glossary For definitions of terms used in this course, please see downloadable Glossary below …
  37. For Further Reading … OO UML developed by “The 3 Amigos” Grady Booch, Ivar Jacobson and James Rumbaugh at Rational Software during 1994–95 with further development led by them through 1996 … Rational Software transferred to IBM … OO UML accepted by OMG & ISO Please see other References (attached) ...
