LEADER 04875oam 2200829I 450 001 9910410652603321 005 20240424230557.0 010 $a0-367-65922-0 010 $a1-4665-5128-3 010 $a0-429-13190-9 010 $a1-280-12163-7 010 $a9786613525499 010 $a1-4398-1165-2 024 7 $a10.1201/b11357 035 $a(CKB)2550000000074984 035 $a(EBL)826929 035 $a(OCoLC)804664124 035 $a(SSID)ssj0000551497 035 $a(PQKBManifestationID)11338738 035 $a(PQKBTitleCode)TC0000551497 035 $a(PQKBWorkID)10537750 035 $a(PQKB)11140193 035 $a(Au-PeEL)EBL826929 035 $a(CaPaEBR)ebr10517983 035 $a(CaONFJC)MIL352549 035 $a(OCoLC)785337393 035 $a(OCoLC)773298336 035 $a(OCoLC)880372906 035 $a(OCoLC)ocn880372906 035 $a(OCoLC)1298602846 035 $a(FINmELB)ELB156301 035 $a(CaSebORM)9781439811658 035 $a(MiAaPQ)EBC826929 035 $a(EXLCZ)992550000000074984 100 $a20180331d2012 uy 0 101 0 $aeng 135 $aur|n|---||||| 181 $ctxt 182 $cc 183 $acr 200 10$aInformation security governance simplified $efrom the boardroom to the keyboard /$fTodd Fitzgerald 205 $a1st edition 210 $aBoca Raton [Fla.] $cCRC Press$d2012 210 1$aBoca Raton :$cCRC Press,$d2012. 215 $a1 online resource (617 p.) 300 $aAn Auerbach book. 311 $a1-4665-3292-0 311 $a1-4398-1163-6 320 $aIncludes bibliographical references and index. 
327 $aCover Page; Title Page; Copyright Page; Dedication; Contents; Foreword; Acknowledgments; Introduction; About The Author; Chapter 1: Getting Information Security Right: Top to Bottom; Chapter 2: Developing Information Security Strategy; Chapter 3: Defining the Security Management Organization; Chapter 4: Interacting with the C-Suite; Chapter 5: Managing Risk to an Acceptable Level; Chapter 6: Creating Effective Information Security Policies; Chapter 7: Security Compliance Using Control Frameworks; Chapter 8: Managerial Controls: Practical Security Considerations 327 $aChapter 9: Technical Controls: Practical Security Considerations; Chapter 10: Operational Controls: Practical Security Considerations; Chapter 11: The Auditors Have Arrived, Now What?; Chapter 12: Effective Security Communications; Chapter 13: The Law and Information Security; Chapter 14: Learning From Information Security Incidents; Chapter 15: 17 Ways To Dismantle Information Security Governance Efforts; Index 330 $aSecurity practitioners must be able to build cost-effective security programs while also complying with government regulations. Information Security Governance Simplified: From the Boardroom to the Keyboard lays out these regulations in simple terms and explains how to use control frameworks to build an air-tight information security (IS) program and governance structure. Defining the leadership skills required by IS officers, the book examines the pros and cons of different reporting structures and highlights the various control frameworks available. It details the functions of the security department and considers the control areas, including physical, network, application, business continuity/disaster recovery, and identity management. Todd Fitzgerald explains how to establish a solid foundation for building your security program and shares time-tested insights about what works and what doesn't when building an IS program. 
Highlighting security considerations for managerial, technical, and operational controls, it provides helpful tips for selling your program to management. It also includes tools to help you create a workable IS charter and your own IS policies. Based on proven experience rather than theory, the book gives you the tools and real-world insight needed to secure your information while ensuring compliance with government regulations. --$cProvided by publisher. 517 $aInformation Security Governance Simplified 606 $aInformation networks$xSecurity measures 606 $aInformation resources management 606 $aBusiness intelligence 606 $aInformation technology$xSecurity measures 615 0$aInformation networks$xSecurity measures. 615 0$aInformation resources management. 615 0$aBusiness intelligence. 615 0$aInformation technology$xSecurity measures. 676 $a005.8 686 $aBUS073000$aCOM032000$aCOM053000$2bisacsh 700 $aFitzgerald$b Todd.$0878882 702 $aPeltier$b Tom 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910410652603321 996 $aInformation security governance simplified$91962163 997 $aUNINA