Buy Information Security Governance – A Practical Development and Implementation Approach
Logo1
Login & Sign up
AddBanner
Home icon Home
Account Icon Account
Wishlist Icon Wishlist
Cart Icon Cart
humburger icon Categories
Book 1
Book 2
Book 3
Book 1
Book 2
Book 3
Book 1
Book 2
Book 3
Book 1
Book 2
Book 3
Home > Science, Technology & Agriculture > Electronics and communications engineering > Information Security Governance – A Practical Development and Implementation Approach
Information Security Governance – A Practical Development and Implementation Approach

Information Security Governance – A Practical Development and Implementation Approach


     0     
5
4
3
2
1
Write Reviews


Out of Stock


Notify me when this book is in stock
X

Information Security Governance – A Practical Development and Implementation Approach

Format: Other digital

About the Book

The Growing Imperative Need for Effective Information Security Governance With monotonous regularity, headlines announce ever more spectacular failures of information security and mounting losses. The succession of corporate debacles and dramatic control failures in recent years underscores the necessity for information security to be tightly integrated into the fabric of every organization. The protection of an organization's most valuable asset information can no longer be relegated to low-level technical personnel, but must be considered an essential element of corporate governance that is critical to organizational success and survival. Written by an industry expert, Information Security Governance is the first book-length treatment of this important topic, providing readers with a step-by-step approach to developing and managing an effective information security program. Beginning with a general overview of governance, the book covers: The business case for information security Defining roles and responsibilities Developing strategic metrics Determining information security outcomes Setting security governance objectives Establishing risk management objectives Developing a cost-effective security strategy A sample strategy development The steps for implementing an effective strategy Developing meaningful security program development metrics Designing relevant information security management metrics Defining incident management and response metrics Complemented with action plans and sample policies that demonstrate to readers how to put these ideas into practice, Information Security Governance is indispensable reading for any professional who is involved in information security and assurance.

Table of Contents:
INTRODUCTION. CHAPTER 1: GOVERNANCE OVERVIEW. 1.1 What Is It? 1.2 Back to Basics. 1.3 Origins of Governance. 1.4 Governance Definition. 1.5 Information Security Governance. 1.6 Six Outcomes of Effective Security Governance. 1.7 Defining Information, Data, Knowledge. 1.8 Value of Information. CHAPTER 2: WHY GOVERNANCE? 2.1 Benefits of Good Governance. 2.1.1 Aligning Security with Business Objectives. 2.1.2 Providing the structure and framework to optimize allocations of limited resources. 2.1.3 Providing assurance that critical decisions are not based on faulty information. 2.1.4 Ensuring accountability for safeguarding critical assets. 2.1.5 Increasing trust of customers and stakeholders. 2.1.6 Increasing the company's worth. 2.1.7 Reducing liability for information inaccuracy or lack of due care in protection. 2.1.8 Increasing predictability and reducing uncertainty of business operations. 2.2 A Management Problem. CHAPTER 3: LEGAL AND REGULATORY REQUIREMENTS. 3.1 Security Governance and Regulation. CHAPTER 4: ROLES & RESPONSIBILITIES. 4.1 The Board of Directors. 4.2 Executive Management. 4.3 Security Steering Committee. 4.4 The CISCO. CHAPTER: STRATEGIC METRICS. 5.1 Governance Objectives. 5.1.1 Strategic Direction. 5.1.2 Ensuring Objectives are Achieved. 5.1.3. Risks Managed Appropriately. 5.1.4 Verifying Resources are Used Responsibly. CHAPTER 6: INFORMATION SECURITY OUTCOMES. 6.1 Defining Outcomes. 6.1.1 Strategic alignment. 6.1.2 Risk Management. 6.1.3 Business process assurance / convergence. 6.1.4 Value delivery. 6.1.5 Resource management. 6.1.6 Performance measurement. CHAPTER 7: SECURITY GOVERNANCE OBJECTIVES. 7.1 Security Architecture. 7.1.1 Managing Complexity. 7.1.2 Providing a Framework & Road Map. 7.1.3 Simplicity & Clarity through Layering & Modularisation. 7.1.4 Business Focus beyond the Technical Domain. 7.1.5 Objectives of Information Security Architectures. 7.1.6 SABSA Framework for Security Service Management. 7.1.7 SABSA Development Process. 7.1.8 SABSA Lifecycle. 7.1.9 SABSA Attributes. 7.2 COBIT. 7.3 Capability Maturity Model. 7.4 ISO/IEC 27001/ 27002. 7.4.1 ISO 27001. 7.4.2 ISO 27002. 7.5 Other Approaches. 7.5.1 National Cybersecurity Task Force. CHAPTER 8: RISK MANAGEMENT OBJECTIVES. Risk Management Responsibilities. Managing Risk Appropriately. 8.1 Determining Risk Management Objectives. 8.1.1 Recovery Time Objectives. CHAPTER 9: CURRENT STATE. 9.1 Current State of Security. 9.2 Current State of Risk Management. 9.3 Gap Analysis - Unmitigated Risk. 9.3.1 SABSA. 9.3.2 CMM. CHAPTER 10: DEVELOPING A SECURITY STRATEGY. 10.1 Failures of Strategy. 10.2 Attributes of A Good Security Strategy. 10.3 Strategy Resources. 10.3.1 Utilizing Architecture for Strategy Development. 10.3.2 Using Cobit for Strategy Development. 10.3.3 Using CMM for Strategy Development. 10.4 STRATEGY CONSTRAINTS. 10.4.1 Contextual constraints. 10.4.2 Operational constraints. CHAPTER 11: SAMPLE STRATEGY DEVELOPMENT. 11.1 The Process. CHAPTER 12: IMPLEMENTING STRATEGY. Action Plan Intermediate Goals. Action Plan Metrics. Re-engineering. Inadequate Performance. 12.1 Elements Of Strategy. 12.1.1 Policy Development. Attributes of Good Policies. Sample Policy Development. Other Policies. 12.1.2 Standards. Attributes of Good Standards. Sample Standards. Classifications. Standard Statement. CHAPTER 13: SECURITY PROGRAM DEVELOPMENT METRICS. 13.1 Information Security Program Development Metrics. 13.2 Program Development Operational Metrics. CHAPTER 14: INFORMATION SECURITY MANAGEMENT METRICS. 14.1 Management Metrics. 14.2 Security Management Decision Support Metrics. 14.4 CISO Decisions. 14.2.1 Strategic alignment. 14.2.2 Risk Management. 14.2.3 Metrics for Risk Management. 14.2.4 Assurance Process Integration. 14.2.5 Value Delivery. 14.2.6 Resource Management. 14.2.7 Performance Measurement. 14.7 Information Security Operational Metrics. 14.3.1 IT and Information Security Management. 14.3.2 Compliance Metrics. CHAPTER 15: INCIDENT MANAGEMENT AND RESPONSE METRICS. 15.1 Incident Management Decision Support Metrics. Conclusion. Appendix A. SABSA Business Attributes & Metrics. Appendix B. Cultural Worldviews. Heirarchists. Egalitarians. Individualists. Fatalists.

About the Author :
Krag Brotby, cism, has more than twenty-five years of experience in the computer security field with a focus on governance, metrics, and architecture. A frequent presenter at security conferences, he has authored a variety of publications on information security risk management, governance, and metrics. A principal author and editor of the ISACA CISM review manual and related presentation materials, he has served on the CISM Practice Analysis Task Force defining the information security practice area for the coming years.

Best Sellers

See All
Too Good To Be True
Quick View

Too Good To Be True Prajakta Koli

No Review Yet

AED32

Thank You for Leaving
Quick View

Thank You for Leaving Rithvik Singh

No Review Yet

AED33

Atomic Habits (EXP)
Quick View

Atomic Habits (EXP) James Clear

No Review Yet

AED81

My First Library
Quick View

My First Library

No Review Yet

AED55

Dopamine Detox
Quick View

Dopamine Detox Thibaut Meurisse

No Review Yet

AED27

Money Myths and Mantras
Quick View

Money Myths and Mantras Devina Mehra

No Review Yet

AED35

Meditations
Quick View

Meditations Marcus Aurelius

No Review Yet

AED30

Harry Potter Box Set: The Complete Collection (Children’s Paperback)
Quick View

Harry Potter Box Set: The Complete Collection (Children’s Paperback) J.K. Rowling

No Review Yet

AED227

Atomic Habits
Quick View

Atomic Habits James Clear

No Review Yet

AED47

The Art of Being Alone
Quick View

The Art of Being Alone Renuka Gavrani

No Review Yet

AED87

Animals Tales From Panchtantra
Quick View

Animals Tales From Panchtantra

No Review Yet

AED35

My First Book of Patterns Pencil Control
Quick View

My First Book of Patterns Pencil Control No Author

No Review Yet

AED23

Product Details
  • ISBN-13: 9780470476017
  • Publisher: John Wiley and Sons Ltd
  • Publisher Imprint: Wiley-Blackwell
  • Height: 250 mm
  • No of Pages: 208
  • Weight: 666 gr
  • ISBN-10: 047047601X
  • Publisher Date: 10 Nov 2008
  • Binding: Other digital
  • Language: English
  • Spine Width: 15 mm
  • Width: 150 mm

Similar Products

Add Photo
Add Photo

Customer Reviews

REVIEWS      0     
Click Here To Be The First to Review this Product
Information Security Governance – A Practical Development and Implementation Approach
John Wiley and Sons Ltd -
Information Security Governance – A Practical Development and Implementation Approach
Writing guidlines
We want to publish your review, so please:
  • keep your review on the product. Review's that defame author's character will be rejected.
  • Keep your review focused on the product.
  • Avoid writing about customer service. contact us instead if you have issue requiring immediate attention.
  • Refrain from mentioning competitors or the specific price you paid for the product.
  • Do not include any personally identifiable information, such as full names.

Information Security Governance – A Practical Development and Implementation Approach

Required fields are marked with *

Review Title*
Review
    Add Photo Add up to 6 photos
    Would you recommend this product to a friend?
    Tag this Book Read more
    Does your review contain spoilers?
    What type of reader best describes you?
    I agree to the terms & conditions
    You may receive emails regarding this submission. Any emails will include the ability to opt-out of future communications.

    CUSTOMER RATINGS AND REVIEWS AND QUESTIONS AND ANSWERS TERMS OF USE

    These Terms of Use govern your conduct associated with the Customer Ratings and Reviews and/or Questions and Answers service offered by Bookswagon (the "CRR Service").


    By submitting any content to Bookswagon, you guarantee that:
    • You are the sole author and owner of the intellectual property rights in the content;
    • All "moral rights" that you may have in such content have been voluntarily waived by you;
    • All content that you post is accurate;
    • You are at least 13 years old;
    • Use of the content you supply does not violate these Terms of Use and will not cause injury to any person or entity.
    You further agree that you may not submit any content:
    • That is known by you to be false, inaccurate or misleading;
    • That infringes any third party's copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy;
    • That violates any law, statute, ordinance or regulation (including, but not limited to, those governing, consumer protection, unfair competition, anti-discrimination or false advertising);
    • That is, or may reasonably be considered to be, defamatory, libelous, hateful, racially or religiously biased or offensive, unlawfully threatening or unlawfully harassing to any individual, partnership or corporation;
    • For which you were compensated or granted any consideration by any unapproved third party;
    • That includes any information that references other websites, addresses, email addresses, contact information or phone numbers;
    • That contains any computer viruses, worms or other potentially damaging computer programs or files.
    You agree to indemnify and hold Bookswagon (and its officers, directors, agents, subsidiaries, joint ventures, employees and third-party service providers, including but not limited to Bazaarvoice, Inc.), harmless from all claims, demands, and damages (actual and consequential) of every kind and nature, known and unknown including reasonable attorneys' fees, arising out of a breach of your representations and warranties set forth above, or your violation of any law or the rights of a third party.


    For any content that you submit, you grant Bookswagon a perpetual, irrevocable, royalty-free, transferable right and license to use, copy, modify, delete in its entirety, adapt, publish, translate, create derivative works from and/or sell, transfer, and/or distribute such content and/or incorporate such content into any form, medium or technology throughout the world without compensation to you. Additionally,  Bookswagon may transfer or share any personal information that you submit with its third-party service providers, including but not limited to Bazaarvoice, Inc. in accordance with  Privacy Policy


    All content that you submit may be used at Bookswagon's sole discretion. Bookswagon reserves the right to change, condense, withhold publication, remove or delete any content on Bookswagon's website that Bookswagon deems, in its sole discretion, to violate the content guidelines or any other provision of these Terms of Use.  Bookswagon does not guarantee that you will have any recourse through Bookswagon to edit or delete any content you have submitted. Ratings and written comments are generally posted within two to four business days. However, Bookswagon reserves the right to remove or to refuse to post any submission to the extent authorized by law. You acknowledge that you, not Bookswagon, are responsible for the contents of your submission. None of the content that you submit shall be subject to any obligation of confidence on the part of Bookswagon, its agents, subsidiaries, affiliates, partners or third party service providers (including but not limited to Bazaarvoice, Inc.)and their respective directors, officers and employees.

    Accept

    See All

    Inspired by your browsing history


    Your review has been submitted!

    You've already reviewed this product!