What you'll learn:
- Understand what (ISC)2 expects you to know about laws and regulations for the CCSP exam under the August 2022 update.
- Recognize laws and regulations and be able to divide them in to categories such as privacy or healthcare.
- Comprehend what an audit entails.
- Understand what industrial controls systems and programmable logic computers are used for.
- Understand the privacy maturity model.
In this course we walk through all of the critical concepts within the Legal and Compliance domain. Legal is only 13% of the test, but if you are not properly prepared it can have a huge impact on your success. I will guide you through all of the concepts that you need to know and advise you on the level of knowledge that you need to get comfortable with.
There is nearly 3 hours of video content plus course notes based on information from my book: Cloud Guardians.
In here you will learn about privacy laws(especially ones that are good to be aware of), financial laws, health care laws and many other regulations. Privacy laws include the EU's GDPR, Canada's PIPEDA and more.
There are also many USGovernment regulations that you should be familiar with such as the CLOUD act, FedRAMP, and the Stored Communication Act (SCA).
You will be guided through the parts of a contract as well as contractual requirements such as PCI-DSS.
In order to be in compliance with applicable laws, regulations, standards, contracts and policies it is necessary to have audits performed. We will explore the AICPA's auditing standard and resulting reports, such as SOC 2 Type II.
The final piece to this domain is the topic of forensics. Especially how the cloud impacts a forensic investigation.