The security risk assessment handbook : a complete guide for performing security risk assessments. (2006)
- Record Type:
- Book
- Title:
- The security risk assessment handbook : a complete guide for performing security risk assessments. (2006)
- Main Title:
- The security risk assessment handbook : a complete guide for performing security risk assessments
- Further Information:
- Note: Douglas J. Landoll.
- Other Names:
- Landoll, Douglas J
- Contents:
- Introduction; The Need for an Information Security Program; Elements of an Information Security Program; Common Core Information Security Practices; Security Risk Assessment; Related Activities; The Need for This Book; Who Is This Book For?; ; Information Security Risk Assessment Basics; Phase 1: Project Definition; Phase 2: Project Preparation; Phase 3: Data-gathering; Phase 4: Risk Analysis; Phase 5: Risk Mitigation; Phase 6: Risk Reporting and Resolution; ; Project Definition; Ensuring Project Success; Project Description; ; Security Risk Assessment Preparation; Introduce the Team; Review Business Mission; Identify Critical Systems; Identify Assets; Identifying Threats; Determine Expected Controls; ; Data Gathering; Sampling; The RIIOT Method of Data Gathering; ; Administrative Data Gathering; Threats and Safeguards; The RIIOT Method: Administrative Data Gathering; ; Technical Data Gathering; Technical Threats and Safeguards; The RIIOT Method: Technical Data Gathering; ; Physical Data Gathering; Physical Threats and Safeguards; The RIIOT Method: Physical Data Gathering; ; Security Risk Analysis; Determining Risk; Creating Risk Statements; Team Review of Security Risk Statements; ; Security Risk Mitigation; Selecting Safeguards; Safeguard Solution Sets; Establishing Risk Parameters; ; Security Risk Assessment Reporting; Cautions in Reporting; Pointers in Reporting; Report Structure; Document Review Methodology: Create the Report Using a Top-Down Approach; Assessment Brief; Action Plan; ; Security Risk Assessment Project Management; Project Planning; Project Tracking; Taking Corrective Measures; Project Status Reporting; Project Conclusion and Wrap-up; ; Security Risk Assessment Approaches; Quantitative vs. Qualitative Analysis; Tools; Security Risk Assessment Methods; ; Appendix Relevant Standards and Regulations; GAISP; COBIT; ISO 17799; NIST Handbook; HIPAA: Security; Gramm-Leach-Bliley Act (GLB Act) …
- Publisher Details:
- Boca Raton, FL : Auerbach Publications
- Publication Date:
- 2006
- Extent:
- 1 online resource (xxi, 473 pages), illustrations, maps
- Subjects:
- 658.4/7
Business -- Data processing -- Security measures
Computer security
Data protection
Risk assessment
BUSINESS & ECONOMICS -- Workplace Culture
BUSINESS & ECONOMICS -- Corporate Governance
BUSINESS & ECONOMICS -- Leadership
BUSINESS & ECONOMICS -- Organizational Development
Electronic books
- Languages:
- English
- ISBNs:
- 1420031236
9781420031232
- Related ISBNs:
- 0849329981
- Notes:
- Note: Includes bibliographical references and index.
Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.160244
- Ingest File:
- 01_031.xml