 |
|
| INFORMATION ASSURANCE
| |
| | |
|
|
Managing Organizational IT Security Risks
To order this title, and for more information, click here
By
Joseph Boyce, Employee of the Department of Defense
Daniel Jennings, Information Systems Security Manager, European Command (EUCOM)
Description
Written by two INFOSEC experts, this book provides a systematic and practical approach for establishing, managing and operating a comprehensive
Information Assurance program. It is designed to provide ISSO managers, security managers, and INFOSEC professionals with an understanding
of the essential issues required to develop and apply a targeted information security posture to both public and private corporations
and government run agencies.
There is a growing concern among all corporations and within the security industry to come up with new
approaches to measure an organization's information security risks and posture. Information Assurance explains and defines the theories
and processes that will help a company protect its proprietary information including:
* The need to assess the current level of risk.
* The need to determine what can impact the risk.
* The need to determine how risk can be reduced.
The authors lay out a detailed
strategy for defining information security, establishing IA goals, providing training for security awareness, and conducting airtight
incident response to system compromise. Such topics as defense in depth, configuration management, IA legal issues, and the importance
of establishing an IT baseline are covered in-depth from an organizational and managerial decision-making perspective.
Audience
Security Managers, INFOSEC Managers, Operational Managers, Information and Operational System Auditors, IT System Administrators and IT Network Managers.
Contents
Section I - The Organizational IA Program: The Practical and Conceptual Foundation
Ch. 1 IA and the Organization: The Challenges
Ch. 2
Basic Security Concepts, Principles, and Strategy
Section II - Defining the Organization's Current IA Posture
Ch. 3 Determining the Organization's
IA Baseline
Ch. 4 Determining IT Security Priorities
Ch. 5 The Organization's IA Posture
III - Establishing and Managing an IA Defense
In Depth Strategy within an Organization
Ch. 6 Layer 1: IA Policies
Ch. 7 Layer 2: IA Management
Ch. 8 Layer 3: IA Architecture
Ch. 9
Layer 4: Operational Security Administration;
Ch. 10 Layer 5: Configuration Management
Ch. 11 Layer 6: Life-Cycle Security
Ch. 12 Layer
7: Contingency Planning
Ch. 13 Layer 8: IA Education, Training, and Awareness
Ch. 14 Layer 9: IA Policy Compliance Oversight
Ch. 15
Layer 10: IA Incident Response
Ch. 16 Layer 11: IA Reporting
Appendix
| Bibliographic details |
Paperback, 261 pages, publication date: JUN-2002
ISBN-13: 978-0-7506-7327-3
ISBN-10: 0-7506-7327-3
Imprint: BUTTERWORTH HEINEMANN
|
| Price and Ordering |
Price:
EUR 58.95
GBP 50
USD 67.95
|  |
Books and book related electronic products are priced in US dollars (USD), euro (EUR), and Great Britain Pounds (GBP). USD prices apply to the Americas and Asia Pacific. EUR prices apply in Europe and the Middle East. GBP prices apply to the UK and all other countries.
|
See also information about conditions of sale & ordering procedures, and links to our regional sales offices.
|
075/785
Last update: 22 Sep 2009
|
|
| |
| | |
|
|
| |
Home | Elsevier Sites | Privacy Policy | Terms and Conditions | Feedback | Site Map | A Reed Elsevier Company