New Skills

New Training: Explain Compliance-based Assessments

by Team Nuggets
New Training: Understand Orchestration Processes and Concepts picture: A
Published on February 25, 2021

In this 5-video skill, CBT Nuggets trainer Shawn Powers identifies the key aspects of compliance-based assessments, including rules, policies, limitations, and more. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

This training includes:

  • 5 videos

  • 16 minutes of training

You’ll learn these topics in this skill:

  • Intro to Compliance Assessments

  • Identifying Various Compliance-based Standards

  • Using Pre-defined Rules for a Pentesting Engagement

  • Understanding Password Policies and Key Management

  • Handling Data Isolation and Limited Access

Which is Better: Compliance or Risk Assessments?

Compliance-based assessments are used to ensure that organizations, companies, and even entire industries align with specific security standards. Businesses that deal with financial information or healthcare data must protect those details from being compromised, and standards like those published by the NIST outline best practices and requirements.

This approach stands in stark contrast to risk-based assessments.In the latter, cybersecurity professionals examine a company's systems and networks to identify weaknesses that could be exploited, then propose customized solutions to resolve any issues they find. Compliance-based assessments, however, evaluate an organization's systems and networks against a published standard to see how they measure up to those requirements.

Look at it this way: when a government inspector comes out to a construction site, he checks the plumbing and the electrical systems to ensure they align with local building codes–that's a compliance assessment. When you buy a home and a house inspector gives the building a scrub from top to bottom, he's looking for any issues that have developed over the years that might cause problems. That's an example of a risk-based assessment.

Both types of evaluations are necessary, but it's even more critical to understand the difference between the two and how each should be used.

Send me CBT Nuggets IT training news and resources. (Optional)

By submitting this form you agree that you have read, understood, and are able to consent to our privacy policy.

Don't miss out!Get great content
delivered to your inbox.

By submitting this form you agree that you have read, understood, and are able to consent to our privacy policy.

Recommended Articles

Get CBT Nuggets IT training news and resources

I have read and understood the privacy policy and am able to consent to it.

© 2023 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522