CCSP Domain 6 - Legal & Compliance
What you'll learn
- Understand what (ISC)2 expects you to know about laws and regulations for the CCSP exam under the August 2022 update.
- Recognize laws and regulations and be able to divide them in to categories such as privacy or healthcare.
- Comprehend what an audit entails.
- Understand what industrial controls systems and programmable logic computers are used for.
- Understand the privacy maturity model.
- A desire to learn what you need to know about laws and regulations for the CCSP exam.
- There are no requirements. An understanding of networking can be very beneficial though.
- A basic understanding of information security is recommended.
In this course we walk through all of the critical concepts within the Legal and Compliance domain. Legal is only 13% of the test, but if you are not properly prepared it can have a huge impact on your success. I will guide you through all of the concepts that you need to know and advise you on the level of knowledge that you need to get comfortable with.
There is nearly 3 hours of video content plus course notes based on information from my book: Cloud Guardians.
In here you will learn about privacy laws (especially ones that are good to be aware of), financial laws, health care laws and many other regulations. Privacy laws include the EU's GDPR, Canada's PIPEDA and more.
There are also many US Government regulations that you should be familiar with such as the CLOUD act, Fed RAMP, and the Stored Communication Act (SCA).
You will be guided through the parts of a contract as well as contractual requirements such as PCI-DSS.
In order to be in compliance with applicable laws, regulations, standards, contracts and policies it is necessary to have audits performed. We will explore the AICPA's auditing standard and resulting reports, such as SOC 2 Type II.
The final piece to this domain is the topic of forensics. Especially how the cloud impacts a forensic investigation.
Who this course is for:
- This course is intended for people that are preparing for the (ISC)2 CCSP exam with the August 2022 updates..
- This course would benefit anyone working to expand their knowledge and understanding of the cloud and its impact on laws and regulations.
Hi! I am Gwen Bettwy
CISSP-ISSAP, ISSMP, CCSP, CGEIT, CISM, CISA, SSCP, CCSI
I have been traveling and teaching around the world since 1994. I began teaching Information Security in 2003 for (ISC)2. I have averaged about 2 courses a month since 1994. I began my career at Sprint which has helped me prepare for CCSPs cloud provider view.
Most of the courses I have taught since 2003 has been CISSP, although CISM, CISA, SSCP, and CGEIT have been sprinkled through there. I began teaching CCSP in 2017, since the exam was not launched until 2015.
I have a proven track record in the classroom of guiding students through information security concepts through to certification!