Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20

IT Security Risk Control Management

An Audit Preparation Plan

Paperback Engels 2016 9781484221396
Verkooppositie 5238Hoogste positie: 5238
Verwachte levertijd ongeveer 8 werkdagen


Follow step-by-step guidance to craft a successful security program. You will identify with the paradoxes of information security and discover handy tools that hook security controls into business processes.
Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking.
What You Will Learn:
Build a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constantly changing threats
Prepare for and pass such common audits as PCI-DSS, SSAE-16, and ISO 27001
Calibrate the scope, and customize security controls to fit into an organization's culture
Implement the most challenging processes, pointing out common pitfalls and distractions
Frame security and risk issues to be clear and actionable so that decision makers, technical personnel, and users will listen and value your advice
Who This Book Is For:
IT professionals moving into the security field; new security managers, directors, project heads, and would-be CISOs; and security specialists from other disciplines moving into information security (e.g., former military security professionals, law enforcement professionals, and physical security professionals)


Aantal pagina's:311
Hoofdrubriek:IT-management / ICT


Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht


Part I: Getting a Handle on Things
Chapter 1: Why Audit
Chapter 2: Assume Breach
Chapter 3: Risk Analysis: Assets and Impacts
Chapter 4: Risk Analysis: Natural Threats
Chapter 5: Risk Analysis: Adversarial Risk
Part II: Wrangling the Organization
Chapter 6: Scope
Chapter 7: Governance
Chapter 8: Talking to the Suits
Chapter 9: Talking to the Techs<
Chapter 10: Talking to the Users
Part III: Managing Risk with Controls
Chapter 11: Policy
Chapter 12: Control Design
Chapter 13: Administrative Controls
Chapter 14: Vulnerability Management
Chapter 15: People Controls
Chapter 16: Logical Access Control
Chapter 17: Network Security Controls
Chapter 18: More Technical Controls
Chapter 19: Physical Security Controls
Part IV: Being Audited
Chapter 20: Response Controls
Chapter 21: Starting the Audit
Chapter 22: Internal Audit
Chapter 23: Third Party Security
Chapter 24: Post Audit Improvement

Managementboek Top 100


Populaire producten



        IT Security Risk Control Management