The IT regulatory and standards compliance handbook /

Mostrar otras versiones (1)

This book provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting comp...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Wright, Craig
Otros Autores: Freedman, Brian, Liu, Dale
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Burlington, MA : Syngress Pub., ©2008.
Temas:
Information technology > Management.
Information resources management > Auditing.
Technologie de l'information > Gestion.
Information technology > Management
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)

MARC

LEADER 00000cam a2200000 a 4500
001 OR_ocn272382259
003 OCoLC
005 20231017213018.0
006 m o d
007 cr cn|||||||||
008 081117s2008 maua ob 001 0 eng d
040 |a OPELS  |b eng  |e pn  |c OPELS  |d OCLCQ  |d UMI  |d CEF  |d E7B  |d UBY  |d CNCGM  |d NHM  |d DEBSZ  |d VLB  |d DKDLA  |d OCLCQ  |d COO  |d OCLCQ  |d OCLCF  |d D6H  |d WYU  |d UAB  |d LEAUB  |d OL$  |d VT2  |d OCLCO  |d OCLCQ  |d OCLCO 
019 |a 354465274  |a 475593736  |a 505079480  |a 646758961  |a 656470678  |a 712979639  |a 1044286048  |a 1056313904  |a 1074300089  |a 1097120073  |a 1192338888  |a 1240523659 
020 |a 9781597492669 
020 |a 1597492663 
024 8 |a 9786611755010 
029 1 |a AU@  |b 000057224394 
029 1 |a AU@  |b 000067092002 
029 1 |a CHBIS  |b 006041586 
029 1 |a CHBIS  |b 009872108 
029 1 |a CHNEW  |b 001007704 
029 1 |a CHVBK  |b 170598993 
029 1 |a CHVBK  |b 199204608 
029 1 |a DEBBG  |b BV042305740 
029 1 |a DEBSZ  |b 355443805 
029 1 |a DEBSZ  |b 405320221 
029 1 |a HEBIS  |b 291514103 
029 1 |a NZ1  |b 13068737 
029 1 |a NZ1  |b 15189680 
035 |a (OCoLC)272382259  |z (OCoLC)354465274  |z (OCoLC)475593736  |z (OCoLC)505079480  |z (OCoLC)646758961  |z (OCoLC)656470678  |z (OCoLC)712979639  |z (OCoLC)1044286048  |z (OCoLC)1056313904  |z (OCoLC)1074300089  |z (OCoLC)1097120073  |z (OCoLC)1192338888  |z (OCoLC)1240523659 
037 |a 154321:154483  |b Elsevier Science & Technology  |n http://www.sciencedirect.com 
050 4 |a HF5548.35  |b .W75 2008eb 
082 0 4 |a 004.068/1  |2 22 
082 0 4 |a 658.478  |2 22 
049 |a UAMI 
100 1 |a Wright, Craig. 
245 1 4 |a The IT regulatory and standards compliance handbook /  |c Craig Wright, Brian Freedman, Dale Liu. 
260 |a Burlington, MA :  |b Syngress Pub.,  |c ©2008. 
300 |a 1 online resource (xlii, 715 pages) :  |b illustrations 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
520 |a This book provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs. Key Features: * The ulitmate guide to making an effective security policy and controls that enable monitoring and testing against them * The most comprehensive IT compliance template available, giving detailed information on testing all your IT security, policy and governance requirements * A guide to meeting the minimum standard, whether you are planning to meet ISO 27001, PCI-DSS, HIPPA, FISCAM, COBIT or any other IT compliance requirement * Both technical staff responsible for securing and auditing information systems and auditors who desire to demonstrate their technical expertise will gain the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems from this book * This technically based, practical guide to information systems audit and assessment will show how the process can be used to meet myriad compliance issues 
505 0 |a Section 1: An Introduction to Information Systems Audit -- Chapter 1? Introduction; Chapter 2 -- Evolution of Information Systems; Chapter 3 -- The Information Systems Audit Program; Chapter 4? Planning; Chapter 5 -- Information Gathering ; Chapter 6? Basic Auditing strategies and Techniques -- Section 2: Security Policy and Procedures -- Chapter 7? Security Policy overview; Chapter 8? Policy Issues and fundamentals; Chapter 9 -- Policy Development; Chapter 10 -- Assessing Security Awareness and Knowledge of Policy; Chapter 11 -- Reviewing & Assessing Information Systems Policy and Procedures -- Section 3: Network Auditing -- Chapter 12? An introduction to Network Audit; Chapter 13? Specialist Network Audit Topics; Chapter 14? Auditing Cisco Routers and Switches; Chapter 15 -- Testing the Firewall -- Chapter 16? An Introduction to Wireless Technologies; Chapter 17?Wireless Audit Techniques; Chapter 18? Advanced Wireless Audit Techniques; Chapter 19 -- Analyzing The Results -- Section 4: Systems Audit -- Chapter 20 -- An Introduction to Systems Auditing; Chapter 21? Database Auditing; Chapter 22? Microsoft Windows Security and Audits; Chapter 23? Unix and Linux Audit; Chapter 24 -- Auditing Web-Based Applications; Chapter 25? Other Systems -- Section 5: Other Issues for the Auditor -- Chapter 26 -- Risk Management, Security Compliance and Audit Controls; Chapter 27 -- Information Systems Legislation; Chapter 28 -Operations Security; Chapter 29? Cryptography; Chapter 30? Malware -- Appendix A -- Preliminary Checklist to Gather Information; Appendix B -- Generic Questionnaire for Meetings with Business Process Owners; Appendix C -- Generic Questionnaire for Meetings with Technology Owners; Appendix D? Network and Systems Checklists; Appendix E -- Data Classification; Appendix F -- Data Retention; Appendix G -- Backup and Recovery; Appendix H -- Externally Hosted Services; Appendix I? Assessing Physical Security; Appendix J -- Incident Handling and Response; Appendix K -- Change Management; Appendix L? Sarbanes Oxley (SOX); Appendix M? PCI-DSS (Payment Card Industry? Data Security Standards); Appendix N -- ISO/IEC 17799/27001: Policy, ISMS & Awareness; Appendix O? Financial Services Requirements (BASEL II, Gramm-Leach-Bliley Act of 1999); Appendix P? FISMA; Appendix Q -- HIPAA Security; Appendix R? CobiT. 
500 |a "How to survive an information systems audit and assessments"--Cover 
504 |a Includes bibliographical references and index. 
505 0 |a Introduction to IT compliance -- Evolution on information systems -- The information systems audit program -- Planning -- Information gathering -- Security policy overview -- Policy issues and fundamentals -- Assessing security awareness and knowledge of policy -- An introduction to network audit -- Auditing Cisco routers and switches -- Testing the firewall -- Auditing and security with wireless technologies -- Analyzing the results -- An introduction to systems auditing -- Database auditing -- Microsoft Windows security and audits -- Auditing UNIX and Linux -- Auditing web-bases applications -- Other systems -- Risk management, security compliance, and audit controls -- Information systems legislation -- Operations security. 
588 0 |a Print version record. 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
650 0 |a Information technology  |x Management. 
650 0 |a Information resources management  |x Auditing. 
650 6 |a Technologie de l'information  |x Gestion. 
650 7 |a Information technology  |x Management  |2 fast 
700 1 |a Freedman, Brian. 
700 1 |a Liu, Dale. 
776 0 8 |i Print version:  |a Wright, Craig.  |t IT regulatory and standards compliance handbook.  |d Burlington, MA : Syngress Pub., ©2008  |z 1597492663  |z 9781597492669  |w (DLC) 2008275631  |w (OCoLC)192082627 
856 4 0 |u https://learning.oreilly.com/library/view/~/9781597492669/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a ebrary  |b EBRY  |n ebr10244606 
994 |a 92  |b IZTAP 

Ejemplares similares