1.1. Understand, adhere to, and promote professional ethics.
1.2. Understand and apply security concepts.
1.3. Evaluate and apply security governance principles.
1.4. Determine compliance and other requirements.
1.5. Understand legal and regulatory issues that pertain to information
security in a holistic context.
1.6. Understand requirements for investigation types (i.e., administrative,
criminal, civil, regulatory, industry standards).
1.7. Develop, document, and implement security policy, standards,
procedures, and guidelines.
1.8. Identify, analyze, and prioritize Business Continuity (BC) requirement.
1.9. Contribute to and enforce personnel security policies and procedures.
1.10. Understand and apply risk management concepts.
1.11. Understand and apply threat modeling concepts and methodologies.
1.12. Apply Supply Chain Risk Management (SCRM) concepts.
1.13. Establish and maintain a security awareness, education, and