Managing Risk in Information Systems

Cover
Jones & Bartlett Publishers, 25.10.2010 - 452 Seiten
PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES! Managing Risk in Information Systems provides a unique, in-depth look at how to manage and reduce IT associated risks. Written by an industry expert, this book provides a comprehensive explanation of the SSCP? Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance. Using examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk.
 

Ausgewählte Seiten

Inhalt

Part One Risk Management Business Challenges
1
Part Two Mitigating Risk
111
Part Three Risk Mitigation Plans
309
Appendix A Answer Key
421
Appendix B Standard Acronyms
423
Glossary of Key Terms
425
References
437
Index
443
Urheberrecht

Andere Ausgaben - Alle anzeigen

Managing Risk in Information Systems
Darril Gibson
Eingeschränkte Leseprobe - 2014
Managing Risk in Information Systems
Darril Gibson
Eingeschränkte Leseprobe - 2010


Eingeschränkte Leseprobe
Alle anzeigen »

Häufige Begriffe und Wortgruppen

access controls Additionally administrators alternate location antivirus software application assets attack audit backup BCP coordinator best practices buffer overflow Business Continuity Plan business impact analysis CBFs Chapter CIRT plan compliance configuration consider costs countermeasure create critical business functions database server determine Disaster Recovery Plan document e-mail server employees encrypted ensure evaluate example failover cluster firewall goal hardware helps HIPAA identify implement important installed internal Internet intrusion detection system loss malware Microsoft milestones NIST occurs organization outage password PCI DSS personnel POAM primary priority procedures protect purchase recommendations reduce response risk assessment risk management plan Risk Mitigation Plan scope Security Controls seven domains specific SQL injection steps threats and vulnerabilities traffic typical IT infrastructure update users vulnerability assessment Web farm Web server

Autoren-Profil (2010)

Darril Gibson, (ISC)2 SSCP and CISSP, CompTIA Security+ and CASP, is the CEO of YCDA (short for You Can Do Anything), and he has authored or coauthored more than 40 books. Darril regularly writes, consults, and teaches on a wide variety of technical and security topics and holds several certifications. He regularly posts blog articles at http: //blogs.getcertifiedgetahead.com/ about certification topics and uses that site to help people stay abreast of changes in certification exams. He loves hearing from readers, especially when they pass an exam after using one of his books, and you can contact him through the blogging site.

Bibliografische Informationen

TitelManaging Risk in Information Systems
Jones & Bartlett Learning information systems security & assurance series
The ISSA journal
Autor/inDarril Gibson
VerlagJones & Bartlett Publishers, 2010
ISBN0763791873, 9780763791872
Länge452 Seiten
  
Zitat exportierenBiBTeX EndNote RefMan