Information Security Risk Analysis

CRC Press, Jan 23, 2001 - Computers - 296 pages
Risk is a cost of doing business. The question is, "What are the risks, and what are their costs?" Knowing the vulnerabilities and threats that face your organization's information and systems is the first essential step in risk management.

Information Security Risk Analysis shows you how to use cost-effective risk analysis techniques to identify and quantify the threats--both accidental and purposeful--that your organization faces. The book steps you through the qualitative risk analysis process using techniques such as PARA (Practical Application of Risk Analysis) and FRAP (Facilitated Risk Analysis Process) to:
  • Evaluate tangible and intangible risks
  • Use the qualitative risk analysis process
  • Identify elements that make up a strong Business Impact Analysis
  • Conduct risk analysis with confidence

    Management looks to you, its information security professional, to provide a process that allows for the systematic review of risk, threats, hazards, and concerns, and to provide cost-effective measures to lower risk to an acceptable level. You can find books that cover risk analysis for financial, environmental, and even software projects, but you will find none that apply risk analysis to information technology and business continuity planning or deal with issues of loss of systems configuration, passwords, information loss, system integrity, CPU cycles, bandwidth, and more. Information Security Risk Analysis shows you how to determine cost-effective solutions for your organization's information technology.

    Contents

    Chapter 1 Effective Risk Analysis
    Chapter 2 Qualitative Risk Analysis
    Chapter 3 Value Analysis
    Chapter 4 Other Qualitative Methods
    Chapter 5 Facilitated Risk Analysis Process (FRAP)
    Chapter 6 Other Uses of Qualitative Risk Analysis
    Chapter 7 Case Study
    Questionnaire
    Sample of Report
    Threat Definitions
    Other Risk Analysis Opinions
    Risk Assessment and Management
    New Trends in Risk Assessment
    Integrated Risk Management: A Concept for Risk Containment
    Index
    Back cover

    Facilitated Risk Analysis Process (FRAP) Forms
    Business Impact Analysis (BIA) Forms

    Popular passages

    Page ii - Information Security Risk Analysis, Thomas Peltier, ISBN: 0-8493-0880-1; Information Technology Control and Audit, Frederick Gallegos, Sandra Allen-Senft, and Daniel P. Manson, ISBN: 0-8493-9994-7; New Directions in Internet Management, Sanjiv Purba.
