Managing Risk in Information SystemsJones & Bartlett Publishers, 17.07.2014 - 462 Seiten PART OF THE JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Revised and updated with the latest data in the field, the Second Edition of Managing Risk in Information Systems provides a comprehensive overview of the SSCP® Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance. Written by industry experts, and using a wealth of examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk. Instructor's Material for Managing Risk in Information Systems include: PowerPoint Lecture Slides Instructor's Guide Course Syllabus Quiz & Exam Questions Case Scenarios/Handouts |
Inhalt
PART ONE Risk Management Business Challenges | 1 |
PART TWO Mitigating Risk | 111 |
PART THREE Risk Mitigation Plans | 313 |
APPENDIX A Answer Key | 431 |
APPENDIX B Standard Acronyms | 433 |
Glossary of Key Terms | 437 |
| 449 | |
| 453 | |
Andere Ausgaben - Alle anzeigen
Häufige Begriffe und Wortgruppen
access controls Additionally alternate location antivirus software application assets attack audit backup BCP coordinator best practices buffer overflow Business Continuity Plan business impact analysis CBFs CHAPTER CIRT plan compliance configuration consider costs countermeasure create critical business functions database server determine Disaster Recovery Plan document e-mail server effect employees encrypted ensure evaluate example failover cluster firewall goal hardware helps HIPAA identify implement important installed internal Internet intrusion detection system loss malware Microsoft mission-critical NIST occurs organization outage password PCI DSS percent perform personnel POAM primary priority procedures protect Protocol purchase recommendations reduce response risk assessment risk management plan Risk Mitigation Plan scope seven domains specific SQL injection steps threats and vulnerabilities traffic typical IT infrastructure update users vulnerability assessment Web farm Web server