The Complete Guide to Cybersecurity Risks and Controls

The book presents the concepts of information and communications technology (ICT) audit and control from this model. Readers will learn how to create a verifiable audit-based control structure, which will ensure comprehensive security for systems and data. The book explains how to establish systematic control and reporting procedures within a standard organizational framework, and build auditable trust into the security of ICT operations. This book is based around the belief that security is a strategic governance issue rather than an accounting or a technical concern. Besides presenting the concepts of that approach, the book provide exercises and other learning opportunities.