14 ratings (4.57 avg)
1 review

Johnson Liu

Add friend

Johnson’s Bookshelves

to-read‎ (8)

currently-reading‎ (3)

read‎ (13)

Stats | More…

Johnson is Currently Reading

Johnson Liu is currently reading

台灣史必修Taiwan Special (Traditional Chinese Edition)

by 苦苓

bookshelves: currently-reading

Rate this book

Clear rating

1 of 5 stars 2 of 5 stars 3 of 5 stars 4 of 5 stars 5 of 5 stars

Feb 24, 2023 04:09AM

Johnson Liu is currently reading

雪球：巴菲特傳

by Alice Schroeder

bookshelves: currently-reading

Rate this book

Clear rating

1 of 5 stars 2 of 5 stars 3 of 5 stars 4 of 5 stars 5 of 5 stars

Apr 11, 2021 07:20AM

Johnson Liu is currently reading

CISM Certified Information Security Manager All-in-One Exam Guide

by Peter H. Gregory

bookshelves: currently-reading

Rate this book

Clear rating

1 of 5 stars 2 of 5 stars 3 of 5 stars 4 of 5 stars 5 of 5 stars

progress:

(45%)
— Oct 10, 2019 08:07PM

Jul 18, 2019 08:53AM

Johnson’s Notes & Highlights

Book cover for SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition

SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition by Darril Gibson

227 highlights

The three primary goals of an information security program are to prevent the loss of confidentiality, the loss of integrity, and the loss of availability for any IT systems and data.

“The concept of security by design is one in which security and risk are incorporated in every level of product development, from inception to development, testing, implementation, maintenance, and operations.”
― Peter H. Gregory, CISM Certified Information Security Manager All-in-One Exam Guide

0 likes

“An organization’s risk management program should be documented in a charter. A charter is a formal document that defines and describes a business program and becomes part of the organization’s record.”
― Peter H. Gregory, CISM Certified Information Security Manager All-in-One Exam Guide

0 likes

“The key business record in risk management is the risk register, which is a log of historic and newly identified risks.”
― Peter H. Gregory, CISM Certified Information Security Manager All-in-One Exam Guide

0 likes

“Understanding and changing aspects of an organization’s culture is one of the most important success factors in an organization and also one of the most difficult.”
― Peter H. Gregory, CISM Certified Information Security Manager All-in-One Exam Guide

0 likes

“The best solution for these “unknown unknowns” is to have an external, competent firm perform an organization’s risk assessment every few years or for such an organization to thoroughly examine an organization’s risk assessment for the purpose of discovering opportunities for improvement, including expanding the span of threats, threat actors, and vulnerabilities so that there are fewer or no unknown risks.”
― Peter H. Gregory, CISM Certified Information Security Manager All-in-One Exam Guide

0 likes

More of Johnson’s quotes…