Browse Information Systems and Controls (ISC)
-
-
- 3.1 COSO Internal Control – Integrated Framework: Relevance to Information Systems
- 3.2 COSO ERM for IT: Risk Management Across Digital Environments
- 3.3 COBIT 2019 Overview: Governance System Principles and Components
- 3.4 Other Influential Standards and Regulations (e.g., PCI DSS, HIPAA, GDPR)
- 3.5 ITIL and IT Service Management Overviews
-
-
- 10.1 Change Control Concepts: Policies and Procedures
- 10.2 Environments and Testing (Development, QA/Staging, Production)
- 10.3 Patch Management: Risks and Controls
- 10.4 Continuous Integration and Continuous Deployment in Modern DevOps
- 10.5 Systems Development Life Cycle (SDLC): Waterfall vs. Agile/DevOps
-
-
-
-
-
Chapter 20: Incident Response and Recovery
In this section
-
Events vs. Incidents: Definition and Escalation
Discover how to distinguish security events from incidents and implement an effective escalation process, including triage and formal incident declaration.
-
Incident Response Plans and Crisis Management
Learn how robust incident response strategies, precise communication, and a well-structured process help organizations contain, recover from, and prevent future security incidents.
-
Forensic Investigations and Chain of Custody
Explore best practices for digital forensic investigations, emphasizing evidence preservation, typical oversights that compromise investigations, and effective chain of custody documentation to maintain data integrity and legal admissibility.
-
Cyber Insurance as a Risk Mitigation Strategy
Learn how cyber insurance supports organizations by transferring financial risk from cybersecurity incidents and breaches. Explore coverage types, policy exclusions, underwriting processes, and real-world examples across various industries.
-
Problem Management – Root Cause Analysis and Permanent Fix
Learn how effective problem management goes beyond immediate incident resolution, focusing on root cause analysis and long-term corrective actions to prevent recurrence.
