Introduction
This chapter covers the first objective in Domain 5.0, Security Program Management and Oversight, of the CompTIA Security+ exam.
In this first chapter, we will examine the policies required to maintain effective governance. We’ll first consider guidelines and how they differ from policies, before carrying out a detailed study of the relevant policies needed for effective governance. This review of various governance standards will be followed by an exploration of procedure and governance structures as well as a breakdown of data roles and their responsibilities.
This chapter will give you an overview of why companies rely on these processes to keep their environments safe and ensure you are prepared to successfully answer all exam questions related to these concepts for your certification.
Note
A full breakdown of Exam Objective 5.1 will be provided at the end of the chapter.