CHAPTER 14
Advantages of Certification, Accreditation, and Assurance
In general, certification refers to a thorough assessment of a process, while accreditation is a formal declaration about the status of a process. In information assurance, certification and accreditation (C&A) are complex topics. In some economies, it is associated with government rules and regulations; however, the concept is much broader. It spans everything from compliance with an internationally recognized standard such as ISO 27001 to a more specifically focused audit to assure that management acknowledges and accepts the inherent risk in a system. In today’s fast-changing environment, where every new day brings new threats and vulnerabilities, information assurance ...
Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.