Читать книгу The Official (ISC)2 CISSP CBK Reference - Leslie Fife, Aaron Kraus - Страница 101

A procedure is a detailed step-by-step guide to achieve a particular goal or requirement. Procedures tell you how to implement your policies and how to meet your standards and baselines. Some common examples of security procedures include the following:

 Vulnerability scanning procedures

 Backup and restore procedures

 Account provisioning procedures

 Patch management procedures

As a CISSP, you may be called upon to create, update, and manage information security policies at your organization. In addition, as a CISSP, you must ensure that other, noninformation security procedures (e.g., HR and transaction processing procedures) within your organization are safe, secure, and compliant with relevant policies and standards.