The Certified Information Systems Security Professional-Information Systems Security Management Professional (CISSP-ISSMP®) certification was developed for CISSPs who are seeking to further their careers and validate their expertise in information systems security management. Candidates for the ISSMP need to demonstrate a thorough understanding of the five domains of the ISSMP Common Body of Knowledge (CBK®), along with the ability to apply this in-depth knowledge to establish, present, and govern information security programs, while demonstrating management and leadership skills.
Supplying an authoritative review of key concepts and requirements, the Official (ISC)2® Guide to the CISSP®-ISSMP® CBK®, Second Edition is both up to date and relevant. This book provides a comprehensive review of the five domains in the ISSMP CBK: Security Leadership and Management, Security Lifecycle Management, Security Compliance Management, Contingency Management, and Law, Ethics, and Incident Management.
Numerous illustrated examples and practical exercises are included in this book to demonstrate concepts and real-life scenarios. Endorsed by (ISC)2 and compiled and reviewed by ISSMPs and industry luminaries around the world, this book provides unrivaled preparation for the exam. Earning your ISSMP is a deserving achievement that should ultimately help to enhance your career path and give you a competitive advantage.
Table of Contents
Domain 1 — Security Leadership & Management : Mission Statements. Business Functions. Define the Security Governance Structure.
Domain 2 — Security Lifecycle Management: Managing Security in Different Methods of Systems Development. Approval of Security Design.
Domain 3 — Security Compliance Management: The Cyber Domain Compliance.
Domain 4 — Contingency Management: Contingency Plans.
Domain 5 — Law, Ethics, and Incident Management: Information Security Laws. Security Incident Management Process.
Appendix A — Answers to Domain Review Questions. Index.
"A CISSP-ISSMP is the best of both worlds—the master of technical and managerial IT, with the added bonus of business acumen that resonates with the C-suite."
—W. Hord Tipton, Former Executive Director, (ISC)2