Information Security Risk Assessment Toolkit
Practical Assessments through Data Collection and Data AnalysisBy
- Mark Talabis, is a Manager for the Secure DNA Consulting practice.
- Jason Martin, is the President and CEO of Secure DNA, an Information Security Company that provides security solutions to companies throughout the United States and Asia.
In order to protect companys information assets such as sensitive customer records, health care records, etc., the security practitioner first needs to find out: what needs protected, what risks those assets are exposed to, what controls are in place to offset those risks, and where to focus attention for risk treatment. This is the true value and purpose of information security risk assessments. Effective risk assessments are meant to provide a defendable analysis of residual risk associated with your key assets so that risk treatment options can be explored. Information Security Risk Assessments gives you the tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders.
Paperback, 278 Pages
Published: October 2012
Chapter 1: Information Security Risk AssessmentsChapter 2: A Practical Approach
Chapter 3: Data CollectionChapter 4: Data Analysis
Chapter 5: Risk AssessmentChapter 6: Risk Prioritization and Treatment
Chapter 7: ReportingChapter 8: Maintenance and Wrap Up