Cargando…
Information security risk management for ISO 27001/ISO 27002 /
Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver r...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Ely, Cambridgeshire, United Kingdom :
IT Governance Publishing,
[2019]
|
| Edición: | Third edition. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_on1123220804 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 191017s2019 enka ob 000 0 eng d | ||
| 040 | |a UMI |b eng |e rda |e pn |c UMI |d OCLCF |d LGG |d WAU |d EBLCP |d CHVBK |d COO |d N$T |d OCLCQ |d OCLCA |d OCLCO |d OCLCQ |d YT1 |d OCLCO |d K6U |d OCLCQ | ||
| 019 | |a 1119624134 | ||
| 020 | |a 9781787781368 | ||
| 020 | |a 1787781364 | ||
| 020 | |a 9781787781399 |q (electronic bk.) | ||
| 020 | |a 1787781399 |q (electronic bk.) | ||
| 020 | |a 9781787781375 | ||
| 020 | |a 1787781372 | ||
| 029 | 1 | |a AU@ |b 000067040072 | |
| 029 | 1 | |a CHNEW |b 001069843 | |
| 029 | 1 | |a CHVBK |b 577490842 | |
| 029 | 1 | |a AU@ |b 000068475779 | |
| 035 | |a (OCoLC)1123220804 |z (OCoLC)1119624134 | ||
| 037 | |a CL0501000077 |b Safari Books Online | ||
| 050 | 4 | |a HF5548.37 | |
| 082 | 0 | 4 | |a 658.15/5 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Calder, Alan, |d 1957- |e author. | |
| 245 | 1 | 0 | |a Information security risk management for ISO 27001/ISO 27002 / |c Alan Calder, Steve G. Watkins. |
| 250 | |a Third edition. | ||
| 264 | 1 | |a Ely, Cambridgeshire, United Kingdom : |b IT Governance Publishing, |c [2019] | |
| 264 | 4 | |c ©2019 | |
| 300 | |a 1 online resource : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 504 | |a Includes bibliographical references. | ||
| 588 | 0 | |a Online resource; title from title page (Safari, viewed October 16, 2019). | |
| 520 | |a Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits. | ||
| 505 | 0 | |a Cover; Title; Copyright; About The Authors; Contents; Introduction; Chapter 1: Risk management; Risk management: two phases; Enterprise risk management; Chapter 2: Risk assessment methodologies; Publicly available risk assessment standards; Qualitative versus quantitative; Quantitative risk analysis; Qualitative risk analysis; Chapter 3: Risk management objectives; Risk acceptance or tolerance; Information security risk management objectives; Risk management and process models; Chapter 4: Roles and responsibilities; Senior management commitment; The (lead) risk assessor; Other roles and responsibilities; | |
| 505 | 8 | |a Chapter 5: Risk assessment software; Gap analysis tools; Vulnerability assessment tools; Penetration testing; Risk assessment tools; Risk assessment tool descriptions; Chapter 6: Information security policy and scoping; Information security policy; Scope of the ISMS; Chapter 7: The ISO 27001 risk assessment; Overview of the risk assessment process; Chapter 8: Information assets; Assets within the scope; Grouping of assets; Asset dependencies; Asset owners; Sensitivity classification; Are vendors assets?; What about duplicate copies and backups? Identification of existing controls; | |
| 505 | 8 | |a Chapter 9: Threats and vulnerabilities; Threats; Vulnerabilities; Technical vulnerabilities; Chapter 10: Scenario-based risk assessment; Chapter 11: Impact, including asset valuation; Impacts; Defining impact; Estimating impact; The asset valuation table; Business, legal and contractual impact values; Reputational damage; Chapter 12: Likelihood; Risk analysis; Information to support assessments; Chapter 13: Risk level; The risk scale; Boundary calculations; Mid- point calculations; Chapter 14: Risk treatment and the selection of controls; Types of controls; Risk assessment and existing controls, Residual risk; Risk sharing; Optimising the solution; | |
| 505 | 8 | |a Chapter 15: The Statement of Applicability; Drafting the Statement of Applicability; Chapter 16: The gap analysis and risk treatment plan; Gap analysis; Risk treatment plan; Chapter 17: Repeating and reviewing the risk assessment; Appendix 1: vs Risk Cloud; Appendix 2: ISO 27001 implementation resources; Appendix 3: Books by the same authors; Further reading. | |
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 590 | |a eBooks on EBSCOhost |b EBSCO eBook Subscription Academic Collection - Worldwide | ||
| 650 | 0 | |a Computer security |x Management. | |
| 650 | 0 | |a Computer security |x Standards. | |
| 650 | 0 | |a Data protection |x Standards. | |
| 650 | 6 | |a Sécurité informatique |x Gestion. | |
| 650 | 6 | |a Sécurité informatique |x Normes. | |
| 650 | 6 | |a Protection de l'information (Informatique) |v Normes. | |
| 650 | 7 | |a Computer security |x Management. |2 fast |0 (OCoLC)fst00872493 | |
| 650 | 7 | |a Computer security |x Standards. |2 fast |0 (OCoLC)fst00872495 | |
| 650 | 7 | |a Data protection |x Standards. |2 fast |0 (OCoLC)fst00887972 | |
| 700 | 1 | |a Watkins, Steve, |d 1970- |e author. | |
| 710 | 2 | |a IT Governance Publishing, |e publisher. | |
| 776 | 0 | 8 | |i Print version: |a Calder, Alan. |t Information Security Risk Management for ISO 27001/ISO 27002, Third Edition. |b 3rd ed. |d Ely : IT Governance Ltd, 2019 |z 9781787781375 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781787781382/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL5894007 | ||
| 938 | |a EBSCOhost |b EBSC |n 2247477 | ||
| 994 | |a 92 |b IZTAP | ||