The Official (ISC)2 Guide to the CISSP CBK ReferenceWarsinske, J., Graff, M., Henry, K., Hoover, C., Malisow, B., Murphy, S., Oakes, C.P., Pajari, G., Parker, J.T., Seidl, D., & Vasquez, M. (2019). The official (ISC) 2 guide to the CISSP CBK Reference (5th ed.). Wiley.
Read Chapter 6 - Domain 6: Security Assessment and Testing.
This chapter details specific tasks performed by the organization to mitigate risk. Specifically, security assessments, risk assessments, and security auditing processes are discussed.