Description |
1 online resource (375 pages) : illustrations |
Contents |
1. Developing Policies -- 2. Organization of Information Security -- 3. Cryptology -- 4. Risk Management: The Facilitated Risk Analysis and Assessment Process -- 5. Building and Maintaining an Effective Security Awareness Program -- 6. Physical Security -- 7. Disaster Recovery and Business Continuity Planning -- 8. Continuity of Operations Planning -- 9. Access Controls -- 10. Information System Development, Acquisition, and Maintenance -- 11. Information Security Incident Management -- 12. Asset Classification -- 13. Threats to Information Security -- 14. Information Security Policies: A Practitioner's View -- Glossary -- Appendix A. Facilitated Risk Analysis and Assessment Process (FRAAP) -- Appendix B. Business Impact Analysis |
Summary |
"Effective security rules and procedures do not exist for their own sake-they are put in place to protect critical assets, thereby supporting overall business objectives. Recognizing security as a business enabler is the first step in building a successful program. Information Security Fundamentals allows future security professionals to gain a solid understanding of the foundations of the field and the entire range of issues that practitioners must address. This book enables students to understand the key elements that comprise a successful information security program and eventually apply these concepts to their own efforts. The book examines the elements of computer security, employee roles and responsibilities, and common threats. It examines the need for management controls, policies and procedures, and risk analysis, and also presents a comprehensive list of tasks and objectives that make up a typical information protection program. The volume discusses organizationwide policies and their documentation, and legal and business requirements. It explains policy format, focusing on global, topic-specific, and application-specific policies. Following a review of asset classification, the book explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management. Information Security Fundamentals concludes by describing business continuity planning, including preventive controls, recovery strategies, and ways to conduct a business impact analysis"-- Provided by publisher |
Bibliography |
Includes bibliographical references |
Notes |
English |
|
Print version record |
Subject |
Computer security
|
|
Data protection.
|
|
Computer Security
|
|
BUSINESS & ECONOMICS -- Commerce.
|
|
COMPUTERS -- Information Technology.
|
|
COMPUTERS -- Security -- General.
|
|
Computer security
|
|
Data protection
|
Form |
Electronic book
|
ISBN |
9781439810637 |
|
143981063X |
|
9781439810620 |
|
1439810621 |
|
0429130287 |
|
9780429130281 |
|