Chapter 1: The cyber threat landscape
Chapter 2: Legal and contractual requirements
Chapter 3: Key terms and concepts
Chapter 5: Three security pillars
Chapter 6: Layers of defence in depth
Chapter 7: Mapping the layers against the Part 2 reference controls
Chapter 8: Implementation tips
Chapter 10: Board-level commitment and involvement
Chapter 11: Business continuity management
Chapter 12: Configuration and patch management
Chapter 13: Continual improvement process
Chapter 15: External certification/validation
Chapter 16: Identity and access control
Chapter 17: Incident response management
Chapter 19: Malware protection
Chapter 20: Network and communications security
Chapter 21: Physical and environmental security
Chapter 22: Security monitoring
Chapter 24: Staff training and awareness
Chapter 25: Supply chain security
Chapter 27: Vulnerability scanning and penetration testing
GRC International Group PLC resources