CertMike Explains Due Care vs. Due Diligence

  • Published on 14 Jul 2022
  • Due care and due diligence are common phrases that people associate with doing the right thing. However, the distinction between the two often confuses people. Understanding the difference between due care and due diligence is important as you prepare for the CISSP, CISM, and other cybersecurity certification exams.
    In this video, certification and cybersecurity expert Mike Chapple breaks down the basics of due care vs. due diligence to help you prepare for your exam.
    Learn more about Mike's full certification preparation programs at www.certmike.com/
  • Science & Technology

Comments • 16

  • @olumideoginni1978 a year ago +6

    Have always struggled to know the difference between due care and due diligence. This video nailed it for me, thanks Mike.

  • @MariaFladung 4 months ago

    I have searched so long for a good explanation! That's it! Thanks

  • @matankarbian5644 6 months ago

    Thank you Mike Chapple for making everything simple!

  • @songofyesterday 8 months ago

    This is a much better explanation than some of the other YouTubers

  • @sakhiwodlalisa4844 a year ago

    Explained like a pro with passion. Thank you. This will assist me with my PWC assignment.

  • @kkgill1806 a year ago

    It's a perfectly clear definition and explanation of due care and due diligence with different real-life examples. It's really brilliant. Thanks.

  • @DeepakKumar-kr9ki a year ago

    Always helpful to listen to these videos!

  • @marcmenard9121 a year ago

    Damn. I'd bet that any company in the world who was absolutely totally irresponsible at following its own company guidelines & rules as well as proper procedures would be totally afraid out of their wits of you. That was a wonderful presentation and explanation. Thanks for sharing.

  • @timabdiukov a year ago +1

    I want to add my 5c: I noticed there's a mild mistake in the video - it seems as if due diligence is just before due care in the timeline, which is not always the case. If we hypothetically had an exposed live electric wire, putting a fence around it would be due care. And periodically monitoring that the fence isn't breached/hasn't become conductive/hasn't become eroded would be due diligence. You may notice that in this example, due care is before due diligence.
    I personally think of due diligence as "business as usual when things go well", and due care as "doing everything reasonable in the event of things going bad fast".

  • @vq8gef32 a year ago

    Finally got it. Thanks

  • @chinhquang7390 a year ago +1

    Hi Mike, after this video, I think that setting up a firewall, a WAF means doing due diligence exercises, and maintaining/operating the firewalls, inspecting their logs means doing due care tasks.
    Please correct me if I'm wrong.
    Thank you!

    • @kqabro 4 months ago

      In simple words, Due Care = DC = Do correct, and Due Diligence = DD = Do detect.
      And as per CISSP CBK 6th edition page 22, "reviewing security log output for suspicious activity and conducting penetration tests to determine if firewall rules are sufficiently restrictive is due diligence", hence reviewing logs comes under due diligence.

  • @atanumaji1739 5 months ago

    So, running a VA scan is due diligence? And fixing vulnerability part is due care?

    • @kqabro 4 months ago

      In simple words, Due Care = DC = Do correct, and Due Diligence = DD = Do detect.
      So by this, your approach is right to consider above concept.

  • @kqabro 4 months ago +1

    I am sorry here Mike.
    You had made this concept a bit difficult and in fact more confusing.
    The explanation provided in CISSP CBK 6th edition page 22 is "Due Care: reasonable care to protect the interests of your organization, and Due Diligence: ongoing execution and monitoring of due care"
    and this is simply the opposite of what you explain here or described in your book, i.e. CISSP OSG 9th Edition.
    This has caused a lot of confusion and every time we respond wrong if there is any question related to this concept.
    I must say we must stick with CBK, as this would be the right approach to answer correctly in the exam, whatever the actual answer is, since the same concept is endorsed at ISC2 website of flash cards.