IT and security managers have some key responsibilities when it comes to operational security controls. Managers serve as a critical check-and-balance in many organizations and should routinely review the work of both their own teams and others. In this video, learn about the critical role of management review in a security program.
- [Instructor] Information technology and security managers…have some key responsibilities when it comes…to operational security controls.…Managers serve as a critical check and balance…in many organizations, and should routinely…review the work of both their own teams and others.…Management reviews play two important roles…in the security process.…First, they provide an important double check…on the work performed by employees…and verify that the work was performed…accurately and completely.…
Second, they reduce fraud and malfeasance…by creating a culture of oversight.…If employees, particularly privileged users,…know that someone is checking their work,…they will be far less likely to engage…in unscrupulous activity.…Privileged user actions are one of the most…important tasks requiring management review.…System engineers, application administrators,…and other trusted employees often have…the ability to override normal security controls…and perform actions that would otherwise…violate security policies.…
This is a normal fact of life in any security program.…
To join one of Mike's free study groups for access to bonus tips and practice questions, visit certmike.com.
- The security triad: confidentiality, integrity, and availability
- Security principles
- Resource security
- Data security
- Security controls
- Assessing security controls
- Security policy
- Physical security
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover software licensing. In addition, the following topics were updated: integrity, leveraging industry standards, data encryption, security control selection and implementation, audits and assessments, security policy framework, security policy training and procedures, and ethics.
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
1. The Security Triad
2. Security Principles
3. Resource Security
4. Data Security
5. Data Security Controls
6. Security Controls
Control frameworks3m 55s
7. Assessing Security Controls
8. Security Policy
9. Awareness and Training
10. Physical Security
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.