Measuring and managing information risk : a FAIR approach /

Mostrar otras versiones (1)

"Using the factor analysis of information risk (FAIR) methodology developed over ten years and adopted by corporations worldwide, Measuring and Managing Information Risk provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexi...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autores principales: Freund, Jack (Autor), Jones, Jack (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Oxford, UK : Butterworth-Heinemann, [2015]
Temas:
Risk management.
Data protection.
Computer security.
Gestion du risque.
Protection de l'information (Informatique)
S�ecurit�e informatique.
risk management.
BUSINESS & ECONOMICS > Management.
BUSINESS & ECONOMICS > Management Science.
BUSINESS & ECONOMICS > Industrial Management.
BUSINESS & ECONOMICS > Organizational Behavior.
Computer security
Data protection
Risk management
Acceso en línea:Texto completo

MARC

LEADER 00000cam a2200000 i 4500
001 SCIDIR_ocn889954672
003 OCoLC
005 20231120111720.0
006 m o d
007 cr cnu---unuuu
008 140904s2015 enk ob 001 0 eng d
040 |a OPELS  |b eng  |e rda  |e pn  |c OPELS  |d YDXCP  |d E7B  |d UMI  |d S4S  |d DEBBG  |d DEBSZ  |d B24X7  |d COO  |d OCLCQ  |d OCLCF  |d OCLCQ  |d LIV  |d OCLCQ  |d OCLCA  |d U3W  |d D6H  |d CEF  |d OTZ  |d AU@  |d WYU  |d AUD  |d VT2  |d LQU  |d OCLCQ  |d YDXIT  |d YDX  |d OCLCQ  |d OCLCO  |d OCLCQ  |d OCLCO 
019 |a 892421240  |a 910547270  |a 1105192389  |a 1105562342  |a 1176545821  |a 1192337236 
020 |a 9780127999326  |q (electronic book) 
020 |a 0127999329  |q (electronic book) 
020 |a 0124202314 
020 |a 9780124202313 
020 |z 9780124202313 
035 |a (OCoLC)889954672  |z (OCoLC)892421240  |z (OCoLC)910547270  |z (OCoLC)1105192389  |z (OCoLC)1105562342  |z (OCoLC)1176545821  |z (OCoLC)1192337236 
050 4 |a HD61  |b .F74 2015 
050 4 |a HF5548.37 
082 0 4 |a 658.155  |2 23 
082 0 4 |a 005.8  |2 23 
100 1 |a Freund, Jack,  |e author. 
245 1 0 |a Measuring and managing information risk :  |b a FAIR approach /  |c Jack Freund and Jack Jones. 
264 1 |a Oxford, UK :  |b Butterworth-Heinemann,  |c [2015] 
300 |a 1 online resource 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
588 0 |a Online resource; title from PDF title page (ScienceDirect, viewed September 4, 2014). 
504 |a Includes bibliographical references and index. 
520 |a "Using the factor analysis of information risk (FAIR) methodology developed over ten years and adopted by corporations worldwide, Measuring and Managing Information Risk provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity. Intended for organizations that need to either build a risk management program from the ground up or strengthen an existing one, this book provides a unique and fresh perspective on how to do a basic quantitative risk analysis. Covering such key areas as risk theory, risk calculation, scenario modeling, and communicating risk within the organization, Measuring and Managing Information Risk helps managers make better business decisions by understanding their organizational risk"--  |c Provided by publisher 
505 0 |a Front Cover; Measuring and Managing Information Risk; Copyright; Contents; Acknowledgments by Jack Jones; About the Authors; Preface by Jack Jones; WHAT THIS BOOK IS NOT, AND WHAT IT IS; Preface by Jack Freund; Chapter 1 -- Introduction; HOW MUCH RISK?; THE BALD TIRE; ASSUMPTIONS; TERMINOLOGY; THE BALD TIRE METAPHOR; RISK ANALYSIS VS RISK ASSESSMENT; EVALUATING RISK ANALYSIS METHODS; RISK ANALYSIS LIMITATIONS; WARNING-LEARNING HOW TO THINK ABOUT RISK JUST MAY CHANGE YOUR PROFESSIONAL LIFE; USING THIS BOOK; Chapter 2 -- Basic Risk Concepts; POSSIBILITY VERSUS PROBABILITY; PREDICTION. 
505 8 |a SUBJECTIVITY VERSUS OBJECTIVITYPRECISION VERSUS ACCURACY; Chapter 3 -- The FAIR Risk Ontology; DECOMPOSING RISK; LOSS EVENT FREQUENCY; THREAT EVENT FREQUENCY; CONTACT FREQUENCY; PROBABILITY OF ACTION; VULNERABILITY; THREAT CAPABILITY; DIFFICULTY; LOSS MAGNITUDE; PRIMARY LOSS MAGNITUDE; SECONDARY RISK; SECONDARY LOSS EVENT FREQUENCY; SECONDARY LOSS MAGNITUDE; ONTOLOGICAL FLEXIBILITY; Chapter 4 -- FAIR Terminology; RISK TERMINOLOGY; THREAT; THREAT COMMUNITY; THREAT PROFILING; VULNERABILITY EVENT; PRIMARY AND SECONDARY STAKEHOLDERS; LOSS FLOW; FORMS OF LOSS; Chapter 5 -- Measurement. 
505 8 |a MEASUREMENT AS REDUCTION IN UNCERTAINTYMEASUREMENT AS EXPRESSIONS OF UNCERTAINTY; BUT WE DON'T HAVE ENOUGH DATA ... AND NEITHER DOES ANYONE ELSE; CALIBRATION; EQUIVALENT BET TEST; Chapter 6 -- Analysis Process; THE TOOLS NECESSARY TO APPLY THE FAIR RISK MODEL; HOW TO APPLY THE FAIR RISK MODEL; PROCESS FLOW; SCENARIO BUILDING; THE ANALYSIS SCOPE; EXPERT ESTIMATION AND PERT; MONTE CARLO ENGINE; LEVELS OF ABSTRACTION; Chapter 7 -- Interpreting Results; WHAT DO THESE NUMBERS MEAN? (HOW TO INTERPRET FAIR RESULTS); UNDERSTANDING THE RESULTS TABLE; VULNERABILITY; PERCENTILES; UNDERSTANDING THE HISTOGRAM. 
505 8 |a UNDERSTANDING THE SCATTER PLOTQUALITATIVE SCALES; HEATMAPS; SPLITTING HEATMAPS; SPLITTING BY ORGANIZATION; SPLITTING BY LOSS TYPE; SPECIAL RISK CONDITIONS; UNSTABLE CONDITIONS; FRAGILE CONDITIONS; TROUBLESHOOTING RESULTS; Chapter 8 -- Risk Analysis Examples; OVERVIEW; INAPPROPRIATE ACCESS PRIVILEGES; PRIVILEGED INSIDER/SNOOPING/CONFIDENTIALITY; PRIVILEGED INSIDER/MALICIOUS/CONFIDENTIALITY; CYBER CRIMINAL/MALICIOUS/CONFIDENTIALITY; UNENCRYPTED INTERNAL NETWORK TRAFFIC; PRIVILEGED INSIDER/CONFIDENTIALITY; NONPRIVILEGED INSIDER/MALICIOUS; CYBER CRIMINAL/MALICIOUS; WEBSITE DENIAL OF SERVICE. 
505 8 |a ANALYSISBASIC ATTACKER/AVAILABILITY; Chapter 9 -- Thinking about Risk Scenarios Using FAIR; THE BOYFRIEND; SECURITY VULNERABILITIES; WEB APPLICATION RISK; CONTRACTORS; PRODUCTION DATA IN TEST ENVIRONMENTS; PASSWORD SECURITY; BASIC RISK ANALYSIS; PROJECT PRIORITIZATION; SMART COMPLIANCE; Going into business; CHAPTER SUMMARY; Chapter 10 -- Common Mistakes; MISTAKE CATEGORIES; CHECKING RESULTS; SCOPING; DATA; VARIABLE CONFUSION; MISTAKING TEF FOR LEF; MISTAKING RESPONSE LOSS FOR PRODUCTIVITY LOSS; CONFUSING SECONDARY LOSS WITH PRIMARY LOSS. 
650 0 |a Risk management. 
650 0 |a Data protection. 
650 0 |a Computer security. 
650 6 |a Gestion du risque.  |0 (CaQQLa)201-0055861 
650 6 |a Protection de l'information (Informatique)  |0 (CaQQLa)201-0061151 
650 6 |a S�ecurit�e informatique.  |0 (CaQQLa)201-0061152 
650 7 |a risk management.  |2 aat  |0 (CStmoGRI)aat300179502 
650 7 |a BUSINESS & ECONOMICS  |x Management.  |2 bisacsh 
650 7 |a BUSINESS & ECONOMICS  |x Management Science.  |2 bisacsh 
650 7 |a BUSINESS & ECONOMICS  |x Industrial Management.  |2 bisacsh 
650 7 |a BUSINESS & ECONOMICS  |x Organizational Behavior.  |2 bisacsh 
650 7 |a Computer security  |2 fast  |0 (OCoLC)fst00872484 
650 7 |a Data protection  |2 fast  |0 (OCoLC)fst00887958 
650 7 |a Risk management  |2 fast  |0 (OCoLC)fst01098164 
700 1 |a Jones, Jack,  |e author. 
776 0 8 |i Print version:  |a Freund, Jack.  |t Measuring and managing information risk.  |d Oxford, UK : Butterworth-Heinemann, [2015]  |z 9780124202313  |z 0124202314  |w (DLC) 2014033431  |w (OCoLC)892728005 
856 4 0 |u https://sciencedirect.uam.elogim.com/science/book/9780124202313  |z Texto completo 

Ejemplares similares