ABSTRACT
Understand the importance of change management. ◾ Explain the different phases and steps involved in change management. ◾ Explain the importance and the need for special skills involved in com-◾ puter forensics. Understand the computer investigation model. ◾ Understand the steps and components involved in managing an incident. ◾ Explain some of the laws involved with computers and privacy. ◾ Understand the importance of the chain of custody. ◾ Explain why having ethics is so important in today’s economy. ◾ Understand operational security controls-specifically, separation of duties, ◾ job rotation, and least privilege concepts. Understand records retention policies. ◾ Describe how to conduct effective security awareness training. ◾ Develop real-world examples of security breaches. ◾ Explain security management practices and some security countermeasures. ◾ Understand the complexities of vendor relationships as they relate to infor-◾ mation security. Explain a Service-Level Agreement (SLA) and its importance. ◾ Describe how to conduct a vendor review. ◾ Explain the elements involved in conducting vendor assurances. ◾ Explain the elements involved in conducting due diligence. ◾
Develop a comprehensive service provider survey. ◾ Understand how to manage security risks in vendor relationships. ◾ Explain and understand the three tools in vendor relationships: due diligence, ◾ key contractual protections, and information security requirements.
