Certified Secure Software Lifecycle Professional (CSSLP) 2019: Governance Risk and Compliance

This 10-video course explores regulations and compliance considerations as they relate to governance risk and compliance (GRC). First learners will identify legal factors such as intellectual property and breach notifications and learn about General Data Protection Regulations (GDPR) for which violations can result in significant financial penalties. Next learn about standards and guidelines including those from the International Organization for Standardization (ISO) the Payment Card Industry Data Security Standard the National Institute for Standards and Technology (NIST) the Open Web Application Security Project (OWASP) the Software Assurance Forum for Excellence in Code the Software Assurance Maturity Model and Building Security In Maturity Model. You will then hear discussions of risk management and risk response. Explore common terminology including threats vulnerability residual risk controls probability and impact. Learn to differentiate between technical risk and business risk. The course concludes by exploring productive strategies including mitigate accept transfer and avoid. The course prepares learners for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.