The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently.

Information Security Risk Analysis, Third Edition enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively.

This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process.

The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis.

Overview of Book:

• Includes a review of risk analysis, risk assessment, and vulnerability assessments
• Introduces System Development Life Cycle (SDLC) and Business Process Life Cycle (BPLC), and integrates risk analysis and assessment into these processes
• Discusses the need to develop a standard set of controls, and details how to apply regulations such as GLBA, HIPAA, SOX, ISO 17799, and others
• Explains how to use qualitative risk assessment concepts and FRAAP to conduct business impact analyses and determine information classification requirements
• Contains samples of forms, controls, policies, letters, and spreadsheets needed to complete the risk analysis and assessment processes

Here are the contents of this book.

Author: Thomas R. Peltier
Publisher: Auerbach Publications
ISBN 10: 1439839565
ISBN 13: 9781439839560
Pages: 456
Format: Hard Cover
Published Date: 12 March 2010
Availability: Ex Stock

Related Products

	Information Security Fundamentals		$59.95 USD