Cargando…

IT Security Risk Control Management An Audit Preparation Plan /

Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking. IT Security...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Pompon, Raymond (Autor)
Autor Corporativo: SpringerLink (Online service)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Berkeley, CA : Apress : Imprint: Apress, 2016.
Edición:1st ed. 2016.
Temas:
Acceso en línea:Texto Completo

MARC

LEADER 00000nam a22000005i 4500
001 978-1-4842-2140-2
003 DE-He213
005 20220124160025.0
007 cr nn 008mamaa
008 160914s2016 xxu| s |||| 0|eng d
020 |a 9781484221402  |9 978-1-4842-2140-2 
024 7 |a 10.1007/978-1-4842-2140-2  |2 doi 
050 4 |a QA76.9.A25 
072 7 |a UR  |2 bicssc 
072 7 |a UTN  |2 bicssc 
072 7 |a COM053000  |2 bisacsh 
072 7 |a UR  |2 thema 
072 7 |a UTN  |2 thema 
082 0 4 |a 005.8  |2 23 
100 1 |a Pompon, Raymond.  |e author.  |4 aut  |4 http://id.loc.gov/vocabulary/relators/aut 
245 1 0 |a IT Security Risk Control Management  |h [electronic resource] :  |b An Audit Preparation Plan /  |c by Raymond Pompon. 
250 |a 1st ed. 2016. 
264 1 |a Berkeley, CA :  |b Apress :  |b Imprint: Apress,  |c 2016. 
300 |a XXXI, 311 p. 33 illus., 11 illus. in color.  |b online resource. 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file  |b PDF  |2 rda 
505 0 |a Part I: Getting a Handle on Things -- Chapter 1: Why Audit. Chapter 2: Assume Breach. Chapter 3: Risk Analysis: Assets and Impacts. Chapter 4: Risk Analysis: Natural Threats. Chapter 5: Risk Analysis: Adversarial Risk. Part II: Wrangling the Organization -- Chapter 6: Scope. Chapter 7: Governance. Chapter 8: Talking to the Suits. Chapter 9: Talking to the Techs. Chapter 10: Talking to the Users. Part III: Managing Risk with Controls -- Chapter 11: Policy. Chapter 12: Control Design. Chapter 13: Administrative Controls. Chapter 14: Vulnerability Management. Chapter 15: People Controls. Chapter 16: Logical Access Control. Chapter 17: Network Security Controls. Chapter 18: More Technical Controls. Chapter 19: Physical Security Controls. Part IV: Being Audited.-C hapter 20: Response Controls. Chapter 21: Starting the Audit. Chapter 22: Internal Audit. Chapter 23: Third Party Security. Chapter 24: Post Audit Improvement. . 
520 |a Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking. IT Security Risk Control Management provides step-by-step guidance for IT professionals on how to craft a successful security program. Readers will identify with the paradoxes of information security and discover handy tools that hook security controls into business processes, including: Building a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constant changing threats Preparing for and passing such common audits as PCI-DSS, SSAE-16, and ISO 27001. Calibrating the scope, and customizing security controls to fit into an organization's culture. Implementing the most challenging processes, pointing out common pitfalls and distractions. Framing security and risk issues to be clear and actionable so that decision makers, technical personnel, and users will listen and value your advice. With IT Security Risk Control Management, you will be able to construct an information security program, from inception to audit, with enduring, practical, hands-on advice, and actionable strategies for IT professionals. 
650 0 |a Data protection. 
650 0 |a Application software. 
650 1 4 |a Data and Information Security. 
650 2 4 |a Computer and Information Systems Applications. 
710 2 |a SpringerLink (Online service) 
773 0 |t Springer Nature eBook 
776 0 8 |i Printed edition:  |z 9781484221396 
776 0 8 |i Printed edition:  |z 9781484221419 
856 4 0 |u https://doi.uam.elogim.com/10.1007/978-1-4842-2140-2  |z Texto Completo 
912 |a ZDB-2-CWD 
912 |a ZDB-2-SXPC 
950 |a Professional and Applied Computing (SpringerNature-12059) 
950 |a Professional and Applied Computing (R0) (SpringerNature-43716)