Practical risk management for the CIO. (©2011)
- Record Type:
- Book
- Title:
- Practical risk management for the CIO. (©2011)
- Main Title:
- Practical risk management for the CIO
- Further Information:
- Note: Mark Scherling.
- Other Names:
- Scherling, Mark
- Contents:
- Introduction: Why Risk Management?
Liability; Personal Data Disclosed or Stolen; Intellectual Property Lost or Stolen; Wrong Decisions Made; Liability Risks Service Delivery; Transaction Centric; Information Centric; Risks to Service Delivery; Risks to the CIO PRINCIPLES AND CONCEPTS Overview; Market Risks; Budget Risks; People Risks; Technology Risks; Operational Risks; Information Risks; Control Risks; Detection Risks; Risk Treatment Basic Concepts, Principles, and Practices ; Concepts; Risk IT Framework Principles; ISO 31000 Risk Management Principles; Other Risk Management Principles; Summary: Risk Management and Risk IT Principles; Information Security Principles; Accountability Principle; Awareness Principle; Ethics Principle; Multidisciplinary Principle; Proportionality Principle; Integration Principle; Timeliness Principle; Assessment Principle; Equity Principle; Information Management Principles; Value; Life Cycle; Reuse; Proliferates Quickly; Dependencies; Principles Risk Assessment, Analysis, and Procedures; Making Decisions: Fact or Fiction? 
How Do You Decide?; Confidence Ranking Process; Facts; Calculations; Estimations; Guesses; Risk Management Starts with the Individual; Managing Risky People; Risk Management Profiling and Risk Culture; Measuring Risks or Uncertainty; How to Measure Risks; Identify the Risk; Consensus of the Risk; Analysis of Risk; Mitigate the Risk; Monitor the Risk; Reassess the Risk; Performing a Risk Assessment; Team or Committee Selection; Step 1: Define Parameters; Taxonomy of Risk Types; Scope, Time Frame, Complexity, and Stakeholders; Step 2: Identify Risks and Impacts; Step 3: Consensus of Risks and Impacts; Step 4 Risks and Impacts Analysis; Step 5: Prioritize Risks and Impacts; Step 6: Review Existing Controls; Step 7: Risks and Impacts Mitigation Analysis; Step 8: Costing, Prioritization, and Decisions; Step 9: Implementation; Step 10: Review Metrics; User Experienced Metrics Best Practices ; Principles and Concepts: Section Summary Part II: SERVICE DELIVERY Product Management ; Products You Deliver as a CIO; Information Delivery: How Information Flows in Your; Organization; Organizing IT for Information Delivery, Management, and Protection Process Management Project Management; Projects; Risk Ranking; Vulnerability Scanning; Reporting IT Service Management; Opportunity Capacity Reporting on Service Delivery Service Delivery: Section Summary LIABILITIES MANAGEMENT Information Management; The Value of Information; Classify Your Information: Value and Categories; Value/Sensitivity of Information; Categories of Information; Controlled Vocabulary, Taxonomies, Keywords, and Search; Controlled Vocabularies; Summary; Identify Information Assets; Information Has a Life Cycle; Database Information Life Cycle; Information Flows; Information Flow Analysis; Information Management Strategy; Designing Information Management across Large Organizations; Steps to Better Information Management Information Protection; Security Controls; Essential Controls; Personnel (Includes Management 
and Operations); Technology; Information; Ingress; Egress; Database Security and Monitoring; Defense in Depth; Audit and Compliance; Documentation; Information Security Architecture; Reporting on Information Security; FISMA, NIST, and FIPS; Why; What; Specifications for Minimum Security Requirements; How; Payment Card Industry Data Security Standard; Analysis of Good Information Security Practices; Employee, Hacker, Insider, or Outsider; Insiders; Employees; Partners; Contractors; Outsourced; Insider Threats; Insider Controls; Outsiders; General Public; Hackers; Customers, Clients, Others; Outsider Threats; Outsider Controls; Data Loss Prevention/Information Knowledge Leakage; Database Solutions; Network and End-Point Solutions; Portable Device Control; Defining the Risk; Deploying DLP Solutions; Paper: Print, Keep, Shred E-Discovery; Rules and Obligations; Standard of Proof; E-Discovery Process; Information Management; Collection and Preservation; Production; Presentation; Summary of E-Discovery Privacy Policies and Procedures; Writing Good Policies; Communicating Policy; Enforcing Policy; Writing Good Procedures; Following Procedures; Next-Generation Policies and Procedures Planning for Big Failures or Business Continuity; Business Resilience and Redundancy; Business Continuity Management Liabilities Management: Section Summary PUTTING IT ALL TOGETHER Designing a Risk Management Strategy; External Factors; Organization Structure; Identify Assets; Compliance Requirements; Risk Management Profiles; Risk Culture; Governance; Risk Management Strategy for Service Delivery; Risk Management Strategy for Liabilities; Consolidated Risk Management Strategy; Risk Management Framework: Outline; Maintain Risk Management Program; Resourcing a Risk Management Program Forward-Looking Risk Management Preparing for a "Black Swan" Conclusion Appendices; OECD Privacy Principles; Project Profiling Risk Assessment; Risk Impact Scales; Classification Schema Bibliography Index
- Publisher Details:
- Boca Raton : CRC Press/Auerbach Book
- Publication Date:
- 2011
- Copyright Date:
- 2011
- Extent:
- 1 online resource (xiv, 370 pages), illustrations
- Subjects:
- 658.4/78
Data protection
Risk management
Information technology -- Security measures
Computer networks -- Security measures
Chief information officers
BUSINESS & ECONOMICS -- Workplace Culture
BUSINESS & ECONOMICS -- Corporate Governance
BUSINESS & ECONOMICS -- Leadership
BUSINESS & ECONOMICS -- Organizational Development
Electronic books
- Languages:
- English
- ISBNs:
- 9781439856543
1439856540
- Related ISBNs:
- 9781439856536
1439856532
- Notes:
- Note: Includes bibliographical references (pages 363-370).
Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.145237
- Ingest File:
- 01_000.xml