Management of Information Security
Management of Information Security, Third Edition, focuses on the managerial aspects of information security and assurance. Topics covered include access control models, information security governance, and information security program assessment and metrics. Coverage of the foundational and technical components of information security is included to reinforce key concepts. This new edition includes up-to-date information on changes in the field, such as revised sections on national and international laws and international standards like the ISO 27000 series. With these updates, Management of Information Security continues to offer a unique overview of information security from a management perspective while maintaining a finger on the pulse of industry changes and academic relevance.
Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
Introduction to the Management of Information Security
Planning for Security
Planning for Contingencies
Information Security Policy
Developing the Security Program
Security Management Models
Security Management Practices
Risk Management: Identifying and Assessing Risk