Information Security Risk Analysis, Second Edition - Thomas R. Peltier

Information Security Risk Analysis, Second Edition

(Autor)

Buch | Hardcover
360 Seiten
2005 | 2nd New edition
Auerbach (Verlag)
978-0-8493-3346-0 (ISBN)
75,95 inkl. MwSt
zur Neuauflage
  • Titel erscheint in neuer Auflage
  • Artikel merken
Zu diesem Artikel existiert eine Nachauflage
The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment.
The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently.

Information Security Risk Analysis, Second Edition enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process. The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis.

INTRODUCTION
Frequently asked questions
Conclusion

RISK MANAGEMENT
Overview
Risk Management as Part of the Business Process
Employee Roles and Responsibilities
Information Security Life Cycle
Risk Analysis Process
Risk Assessment
Cost-Benefit Analysis
Risk Mitigation
Final Thoughts

RISK ASSESSMENT PROCESS
Introduction
Risk Assessment Process
Information Is an Asset
Risk Assessment Methodology
Final Thoughts

QUANTITATIVE VERSUS QUALITATIVE RISK
ASSESSMENT
Introduction
Quantitative and Qualitative Pros and Cons
Qualitative Risk Assessment Basics
Qualitative Risk Assessment Using Tables
The 30-Minute Risk Assessment
Conclusion

OTHER FORMS OF QUALITATIVE RISK ASSESSMENT
Introduction
Hazard Impact Analysis
Questionnaires
Single Time Loss Algorithm
Conclusion

FACILITATED RISK ANALYSIS AND ASSESSMENT
PROCESS (FRAAP)
Introduction
FRAAP Overview
Why The FRAAP Was Created
Introducing the FRAAP to Your Organization
Conclusion

VARIATIONS ON THE FRAAP
Overview
Infrastructure FRAAP
Conclusion

MAPPING CONTROLS
Controls Overview
Creating Your Controls List
Control List Examples

BUSINESS IMPACT ANALYSIS (BIA)
Overview
Creating a BIA Process

CONCLUSION

Appendix A: Sample Risk Assessment Management Summary Report

Appendix B: Terms and Definitions

Appendix C: Bibliography

Erscheint lt. Verlag 26.4.2005
Zusatzinfo 109 Tables, black and white; 20 Illustrations, black and white
Verlagsort London
Sprache englisch
Maße 156 x 235 mm
Gewicht 658 g
Themenwelt Informatik Theorie / Studium Kryptologie
ISBN-10 0-8493-3346-6 / 0849333466
ISBN-13 978-0-8493-3346-0 / 9780849333460
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Nachauflage
2010
149,60 €
Vorauflage
2001
57,35 €
Mehr entdecken
aus dem Bereich
auf Facebook teilen
bei Twitter
Link zu dieser Seite kopieren