📄️ Gap Analysis
Current performance versus desired performance
📄️ Zero Trust
No one should be trusted by default
📄️ Aligning Security with Business
Wearing two hats
📄️ Risk Management
Managing and Prioritizing Risks
📄️ Risk Management Process
Identify, assess, and prioritize risk
📄️ Risk Management Frameworks
CIS, ISO, NIST etc.
📄️ Security Controls
Physical, Technical, Administrative, etc.
📄️ Governance
Overall management of the organization's IT resources
📄️ Governance Elements
Policies, Standards, Procedures, and Guidelins
📄️ Compliance
Adherence to laws, regulations, standards, and policies
📄️ Vendor Assessment
Assessing vendors
📄️ Vendor Management
Assessing vendors
📄️ Third-Party Vendor Risks
Potential security from external entities