This is a breakdown of the NIST Risk Management Framework process for cybersecurity professionals getting into security compliance. It is written in layman's terms, avoiding the convoluted way the process is described in NIST SP 800-37 Revision 2. It covers what the information system security officer does at each step in the process and where their attention should be focused.
Although the main focus is on implementing the NIST 800 RMF process, this book also covers many of the main concepts found on certifications such as the ISC2 CAP.
(Tags: RMF ISSO: Foundations (Guide): NIST 800 Risk Management Framework for Cybersecurity Professionals (Unabridged), Bruce Brown Audiobook, Bruce Brown Audio CD)