Developing an Enterprise Continuity Program
River Publishers (Verlag)
978-87-7022-397-3 (ISBN)
The book discusses the recommendations of the ISO 22301: 2019 standard “Security and resilience — Business continuity management systems — Requirements” for improving the BCM of organizations based on the well-known “Plan-Do-Check-Act” (PDCA) model. It also discusses the recommendations of the following ISO management systems standards that are widely used to support BCM. The ISO 9001 standard "Quality Management Systems"; ISO 14001 "Environmental Management Systems"; ISO 31000 "Risk Management", ISO/IEC 20000-1 "Information Technology - Service Management", ISO/IEC 27001 "Information Management security systems”, ISO 28000 “Specification for security management systems for the supply chain”, ASIS ORM.1-2017, NIST SP800-34, NFPA 1600: 2019, COBIT 2019, RESILIA, ITIL V4 and MOF 4.0, etc. The book expands on the best practices of the British Business Continuity Institute’s Good Practice Guidelines (2018 Edition), along with guidance from the Disaster Recovery Institute’s Professional Practices for Business Continuity Management (2017 Edition). Possible methods of conducting ECP projects in the field of BCM are considered in detail. Based on the practical experience of the author there are examples of Risk Assessment (RA) and Business Impact Analysis (BIA), examples of Business Continuity Plans (BCP) & Disaster Recovery Plans (DRP) and relevant BCP & DRP testing plans.
This book will be useful to Chief Information Security Officers, internal and external Certified Information Systems Auditors, senior managers within companies who are responsible for ensuring business continuity and cyber stability, as well as teachers and students of MBA’s, CIO and CSO programs.
Sergei Petrenko was born in 1968 in Kaliningrad (K¨onigsberg). In 1991, he graduated with honors from the Leningrad State University with a degree in mathematics and engineering. In 1997 – adjuncture and in 2003, he obtained his doctorate. The designer of information security systems of critical information objects: Three national Centers for Monitoring Information Security Threats and two Situational-Crisis Centers (RCCs) of domestic state; Three operators of special information security services MSSP (Managed Security Service Provider) and MDR (Managed Detection and Response Services) and two virtual trusted communication operators MVNO; More than 10 State and corporate segments of the System for Detection, Prevention and Elimination of the Effects of Computer Attacks (SOPCA) and the System for Detection and Prevention of Computer Attacks (SPOCA); Five monitoring centers for information security threats and responding to information security incidents CERT (Computer Emergency Response Team) and CSIRT (Computer Security Incident Response Team) and two industrial CERT industrial Internet IIoT/IoT. Head of the State Scientific School "Mathematical and Software Support of Critical Objects of the Russian Federation". Expert of the Section on Information Security Problems of the Scientific Council under the Security Council of the Russian Federation. Scientific Editor of the magazine "Inside. Data protection". Doctor of Technical Sciences, Professor. It is part of the management of the Interregional Public Organization Association of Heads of Information Security Services (ARSIB), an independent non-profit organization Russian Union of IT Directors (SODIT). Author and co-author of 14 monographs and practical manuals of publishing houses "Springer Nature Switzerland AG", "River Publishers", "Peter", "Athena" and "DMK-Press": "Big Data Technologies for Monitoring of Computer Security: A Case Study of the Russian Federation", "Cyber Resilience", "Cyber Security Innovation for the Digital Economy: A Case Study of the Russian Federation", "Methods of information protection in the Internet", "Methods and technologies of information security of critical objects of the national infrastructure", "Methods and technologies of cloud security", "Audit of corporate Internet/Internet security", "Information Risk Management", "Information Security Policies" and more than 350 articles on information security issues (Proceedings of ISA RAS and SPIIRAS, journals "Cybersecurity issues", "Information security problems", "Open systems", "Inside: Information protection", "Security systems", "Electronics", "Communication Bulletin", "Network Journal", "Connect World of Connect", etc.).
Developing an Enterprise Continuity Program
Erscheinungsdatum | 06.08.2021 |
---|---|
Verlagsort | Gistrup |
Sprache | englisch |
Maße | 156 x 234 mm |
Gewicht | 1920 g |
Themenwelt | Informatik ► Datenbanken ► Data Warehouse / Data Mining |
Mathematik / Informatik ► Informatik ► Theorie / Studium | |
ISBN-10 | 87-7022-397-1 / 8770223971 |
ISBN-13 | 978-87-7022-397-3 / 9788770223973 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich