Information security governance [electronic resource] : a practical development and implementation approach / Krag Brotby
Author Brotby W. Krag
Publication/distribution/printing Hoboken, N.J. : John Wiley & Sons, c2009
Physical description 1 online resource (207 p.)
Discipline 658.4
658.4/78
658.472
658.478
Series Wiley series in systems engineering and management
Topical subject Data protection
Computer security - Management
Information technology - Security measures
Genre/form subject Electronic books.
ISBN 1-118-58551-8
1-282-13756-5
9786612137563
0-470-47601-X
0-470-47600-1
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note INFORMATION SECURITY GOVERNANCE; Contents; Acknowledgments; Introduction; 1. Governance Overview-How Do We Do It? What Do We Get Out of It?; 1.1 What Is It?; 1.2 Back to Basics; 1.3 Origins of Governance; 1.4 Governance Definition; 1.5 Information Security Governance; 1.6 Six Outcomes of Effective Security Governance; 1.7 Defining Information, Data, Knowledge; 1.8 Value of Information; 2. Why Governance?; 2.1 Benefits of Good Governance; 2.1.1 Aligning Security with Business Objectives; 2.1.2 Providing the Structure and Framework to Optimize Allocations of Limited Resources
2.1.3 Providing Assurance that Critical Decisions are Not Based on Faulty Information; 2.1.4 Ensuring Accountability for Safeguarding Critical Assets; 2.1.5 Increasing Trust of Customers and Stakeholders; 2.1.6 Increasing the Company's Worth; 2.1.7 Reducing Liability for Information Inaccuracy or Lack of Due Care in Protection; 2.1.8 Increasing Predictability and Reducing Uncertainty of Business Operations; 2.2 A Management Problem; 3. Legal and Regulatory Requirements; 3.1 Security Governance and Regulation; 4. Roles and Responsibilities; 4.1 The Board of Directors; 4.2 Executive Management
4.3 Security Steering Committee; 4.4 The CISO; 5. Strategic Metrics; 5.1 Governance Objectives; 5.1.1 Strategic Direction; 5.1.2 Ensuring Objectives are Achieved; 5.1.3 Risks Managed Appropriately; 5.1.4 Verifying that Resources are Used Responsibly; 6. Information Security Outcomes; 6.1 Defining Outcomes; 6.1.1 Strategic Alignment-Aligning Security Activities in Support of Organizational Objectives; 6.1.2 Risk Management-Executing Appropriate Measures to Manage Risks and Potential Impacts to an Acceptable Level
6.1.3 Business Process Assurance/Convergence-Integrating All Relevant Assurance Processes to Improve Overall Security and Efficiency; 6.1.4 Value Delivery-Optimizing Investments in Support of Organizational Objectives; 6.1.5 Resource Management-Using Organizational Resources Efficiently and Effectively; 6.1.6 Performance Measurement-Monitoring and Reporting on Security Processes to Ensure that Objectives are Achieved; 7. Security Governance Objectives; 7.1 Security Architecture; 7.1.1 Managing Complexity; 7.1.2 Providing a Framework and Road Map
7.1.3 Simplicity and Clarity through Layering and Modularization; 7.1.4 Business Focus Beyond the Technical Domain; 7.1.5 Objectives of Information Security Architectures; 7.1.6 SABSA Framework for Security Service Management; 7.1.7 SABSA Development Process; 7.1.8 SABSA Life Cycle; 7.1.9 SABSA Attributes; 7.2 CobiT; 7.3 Capability Maturity Model; 7.4 ISO/IEC 27001/27002; 7.4.1 ISO 27001; 7.4.2 ISO 27002; 7.5 Other Approaches; 7.5.1 National Cybersecurity Task Force, Information Security Governance: A Call to Action; 8. Risk Management Objectives; 8.1 Risk Management Responsibilities
8.2 Managing Risk Appropriately
Record Nr. UNINA-9910146407603321
Brotby W. Krag
Hoboken, N.J. : John Wiley & Sons, c2009
Printed material
Find it here: Univ. Federico II
Information security governance [electronic resource] : a practical development and implementation approach / Krag Brotby
Author Brotby W. Krag
Publication/distribution/printing Hoboken, N.J. : John Wiley & Sons, c2009
Physical description 1 online resource (207 p.)
Discipline 658.4
658.4/78
658.472
658.478
Series Wiley series in systems engineering and management
Topical subject Data protection
Computer security - Management
Information technology - Security measures
ISBN 1-118-58551-8
1-282-13756-5
9786612137563
0-470-47601-X
0-470-47600-1
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note INFORMATION SECURITY GOVERNANCE; Contents; Acknowledgments; Introduction; 1. Governance Overview-How Do We Do It? What Do We Get Out of It?; 1.1 What Is It?; 1.2 Back to Basics; 1.3 Origins of Governance; 1.4 Governance Definition; 1.5 Information Security Governance; 1.6 Six Outcomes of Effective Security Governance; 1.7 Defining Information, Data, Knowledge; 1.8 Value of Information; 2. Why Governance?; 2.1 Benefits of Good Governance; 2.1.1 Aligning Security with Business Objectives; 2.1.2 Providing the Structure and Framework to Optimize Allocations of Limited Resources
2.1.3 Providing Assurance that Critical Decisions are Not Based on Faulty Information; 2.1.4 Ensuring Accountability for Safeguarding Critical Assets; 2.1.5 Increasing Trust of Customers and Stakeholders; 2.1.6 Increasing the Company's Worth; 2.1.7 Reducing Liability for Information Inaccuracy or Lack of Due Care in Protection; 2.1.8 Increasing Predictability and Reducing Uncertainty of Business Operations; 2.2 A Management Problem; 3. Legal and Regulatory Requirements; 3.1 Security Governance and Regulation; 4. Roles and Responsibilities; 4.1 The Board of Directors; 4.2 Executive Management
4.3 Security Steering Committee; 4.4 The CISO; 5. Strategic Metrics; 5.1 Governance Objectives; 5.1.1 Strategic Direction; 5.1.2 Ensuring Objectives are Achieved; 5.1.3 Risks Managed Appropriately; 5.1.4 Verifying that Resources are Used Responsibly; 6. Information Security Outcomes; 6.1 Defining Outcomes; 6.1.1 Strategic Alignment-Aligning Security Activities in Support of Organizational Objectives; 6.1.2 Risk Management-Executing Appropriate Measures to Manage Risks and Potential Impacts to an Acceptable Level
6.1.3 Business Process Assurance/Convergence-Integrating All Relevant Assurance Processes to Improve Overall Security and Efficiency; 6.1.4 Value Delivery-Optimizing Investments in Support of Organizational Objectives; 6.1.5 Resource Management-Using Organizational Resources Efficiently and Effectively; 6.1.6 Performance Measurement-Monitoring and Reporting on Security Processes to Ensure that Objectives are Achieved; 7. Security Governance Objectives; 7.1 Security Architecture; 7.1.1 Managing Complexity; 7.1.2 Providing a Framework and Road Map
7.1.3 Simplicity and Clarity through Layering and Modularization; 7.1.4 Business Focus Beyond the Technical Domain; 7.1.5 Objectives of Information Security Architectures; 7.1.6 SABSA Framework for Security Service Management; 7.1.7 SABSA Development Process; 7.1.8 SABSA Life Cycle; 7.1.9 SABSA Attributes; 7.2 CobiT; 7.3 Capability Maturity Model; 7.4 ISO/IEC 27001/27002; 7.4.1 ISO 27001; 7.4.2 ISO 27002; 7.5 Other Approaches; 7.5.1 National Cybersecurity Task Force, Information Security Governance: A Call to Action; 8. Risk Management Objectives; 8.1 Risk Management Responsibilities
8.2 Managing Risk Appropriately
Record Nr. UNINA-9910830706103321
Brotby W. Krag
Hoboken, N.J. : John Wiley & Sons, c2009
Printed material
Find it here: Univ. Federico II
Information security governance : a practical development and implementation approach / Krag Brotby
Author Brotby W. Krag
Publication/distribution/printing Hoboken, N.J. : John Wiley & Sons, c2009
Physical description 1 online resource (207 p.)
Discipline 658.4
658.4/78
658.472
658.478
Series Wiley series in systems engineering and management
Topical subject Data protection
Computer security - Management
Information technology - Security measures
ISBN 1-118-58551-8
1-282-13756-5
9786612137563
0-470-47601-X
0-470-47600-1
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note INFORMATION SECURITY GOVERNANCE; Contents; Acknowledgments; Introduction; 1. Governance Overview-How Do We Do It? What Do We Get Out of It?; 1.1 What Is It?; 1.2 Back to Basics; 1.3 Origins of Governance; 1.4 Governance Definition; 1.5 Information Security Governance; 1.6 Six Outcomes of Effective Security Governance; 1.7 Defining Information, Data, Knowledge; 1.8 Value of Information; 2. Why Governance?; 2.1 Benefits of Good Governance; 2.1.1 Aligning Security with Business Objectives; 2.1.2 Providing the Structure and Framework to Optimize Allocations of Limited Resources
2.1.3 Providing Assurance that Critical Decisions are Not Based on Faulty Information; 2.1.4 Ensuring Accountability for Safeguarding Critical Assets; 2.1.5 Increasing Trust of Customers and Stakeholders; 2.1.6 Increasing the Company's Worth; 2.1.7 Reducing Liability for Information Inaccuracy or Lack of Due Care in Protection; 2.1.8 Increasing Predictability and Reducing Uncertainty of Business Operations; 2.2 A Management Problem; 3. Legal and Regulatory Requirements; 3.1 Security Governance and Regulation; 4. Roles and Responsibilities; 4.1 The Board of Directors; 4.2 Executive Management
4.3 Security Steering Committee; 4.4 The CISO; 5. Strategic Metrics; 5.1 Governance Objectives; 5.1.1 Strategic Direction; 5.1.2 Ensuring Objectives are Achieved; 5.1.3 Risks Managed Appropriately; 5.1.4 Verifying that Resources are Used Responsibly; 6. Information Security Outcomes; 6.1 Defining Outcomes; 6.1.1 Strategic Alignment-Aligning Security Activities in Support of Organizational Objectives; 6.1.2 Risk Management-Executing Appropriate Measures to Manage Risks and Potential Impacts to an Acceptable Level
6.1.3 Business Process Assurance/Convergence-Integrating All Relevant Assurance Processes to Improve Overall Security and Efficiency; 6.1.4 Value Delivery-Optimizing Investments in Support of Organizational Objectives; 6.1.5 Resource Management-Using Organizational Resources Efficiently and Effectively; 6.1.6 Performance Measurement-Monitoring and Reporting on Security Processes to Ensure that Objectives are Achieved; 7. Security Governance Objectives; 7.1 Security Architecture; 7.1.1 Managing Complexity; 7.1.2 Providing a Framework and Road Map
7.1.3 Simplicity and Clarity through Layering and Modularization; 7.1.4 Business Focus Beyond the Technical Domain; 7.1.5 Objectives of Information Security Architectures; 7.1.6 SABSA Framework for Security Service Management; 7.1.7 SABSA Development Process; 7.1.8 SABSA Life Cycle; 7.1.9 SABSA Attributes; 7.2 CobiT; 7.3 Capability Maturity Model; 7.4 ISO/IEC 27001/27002; 7.4.1 ISO 27001; 7.4.2 ISO 27002; 7.5 Other Approaches; 7.5.1 National Cybersecurity Task Force, Information Security Governance: A Call to Action; 8. Risk Management Objectives; 8.1 Risk Management Responsibilities
8.2 Managing Risk Appropriately
Record Nr. UNINA-9910877629903321
Brotby W. Krag
Hoboken, N.J. : John Wiley & Sons, c2009
Printed material
Find it here: Univ. Federico II
PRAGMATIC security metrics : applying metametrics to information security / W. Krag Brotby and Gary Hinson ; preface by M. E. Kabay
Author Brotby W. Krag
Edition [1st edition]
Publication/distribution/printing Boca Raton, Fla. : CRC Press, 2013
Physical description 1 online resource (507 p.)
Discipline 658.478
Other authors (Persons) Hinson Gary
Kabay Michel E
Topical subject Business enterprises - Computer networks - Security measures
Computer security
Data protection
Genre/form subject Electronic books.
ISBN 0-429-11156-8
1-4398-8153-7
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Front Cover; Contents; Foreword; Preface; Acknowledgments; Office Memorandum; Chapter 1 - Introduction; Chapter 2 - Why Measure Information Security?; Chapter 3 - The Art and Science of Security Metrics; Chapter 4 - Audiences for Security Metrics; Chapter 5 - Finding Candidate Metrics; Chapter 6 - Metametrics and the PRAGMATIC Approach; Chapter 7 - 150+ Example Security Metrics; Chapter 8 - Designing PRAGMATIC Security Measurement System; Chapter 9 - Advanced Information Security Metrics; Chapter 10 - Downsides of Metrics; Chapter 11 - Using PRAGMATIC Metrics in Practice
Chapter 12 - Case Study; Chapter 13 - Conclusions; Appendix A: PRAGMATIC Criteria; Appendix B: Business Model of Information Security (BMIS); Appendix C: Capability Maturity Model (CMM); Appendix D: Example Opinion Survey Form; Appendix E: SABSA Security Attributes Table; Appendix F: Prototype Metrics Catalog; Appendix G: Effect of Weighting the PRAGMATIC Criteria; Appendix H: ISO27k Maturity Scale Metrics; Appendix I: Sample Management Survey; Appendix J: Observer Bias; Appendix K: Observer Calibration; Appendix L: Bibliography; Back Cover
Record Nr. UNINA-9910462893303321
Brotby W. Krag
Boca Raton, Fla. : CRC Press, 2013
Printed material
Find it here: Univ. Federico II
Pragmatic security metrics : applying metametrics to information security / W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay
Author Brotby W. Krag
Edition [1st edition]
Publication/distribution/printing Boca Raton : CRC Press, Taylor & Francis Group, [2013]
Physical description 1 online resource (xviii, 485 pages) : illustrations
Discipline 658.478
Series Gale eBooks
Topical subject Business enterprises - Computer networks - Security measures
Computer security
Data protection
ISBN 0-429-11156-8
1-4398-8153-7
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Front Cover; Contents; Foreword; Preface; Acknowledgments; Office Memorandum; Chapter 1 - Introduction; Chapter 2 - Why Measure Information Security?; Chapter 3 - The Art and Science of Security Metrics; Chapter 4 - Audiences for Security Metrics; Chapter 5 - Finding Candidate Metrics; Chapter 6 - Metametrics and the PRAGMATIC Approach; Chapter 7 - 150+ Example Security Metrics; Chapter 8 - Designing PRAGMATIC Security Measurement System; Chapter 9 - Advanced Information Security Metrics; Chapter 10 - Downsides of Metrics; Chapter 11 - Using PRAGMATIC Metrics in Practice
Chapter 12 - Case Study; Chapter 13 - Conclusions; Appendix A: PRAGMATIC Criteria; Appendix B: Business Model of Information Security (BMIS); Appendix C: Capability Maturity Model (CMM); Appendix D: Example Opinion Survey Form; Appendix E: SABSA Security Attributes Table; Appendix F: Prototype Metrics Catalog; Appendix G: Effect of Weighting the PRAGMATIC Criteria; Appendix H: ISO27k Maturity Scale Metrics; Appendix I: Sample Management Survey; Appendix J: Observer Bias; Appendix K: Observer Calibration; Appendix L: Bibliography; Back Cover
Record Nr. UNINA-9910786243403321
Brotby W. Krag
Boca Raton : CRC Press, Taylor & Francis Group, [2013]
Printed material
Find it here: Univ. Federico II
Pragmatic security metrics : applying metametrics to information security / W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay
Author Brotby W. Krag
Edition [1st edition]
Publication/distribution/printing Boca Raton : CRC Press, Taylor & Francis Group, [2013]
Physical description 1 online resource (xviii, 485 pages) : illustrations
Discipline 658.478
Series Gale eBooks
Topical subject Business enterprises - Computer networks - Security measures
Computer security
Data protection
ISBN 0-429-11156-8
1-4398-8153-7
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Front Cover; Contents; Foreword; Preface; Acknowledgments; Office Memorandum; Chapter 1 - Introduction; Chapter 2 - Why Measure Information Security?; Chapter 3 - The Art and Science of Security Metrics; Chapter 4 - Audiences for Security Metrics; Chapter 5 - Finding Candidate Metrics; Chapter 6 - Metametrics and the PRAGMATIC Approach; Chapter 7 - 150+ Example Security Metrics; Chapter 8 - Designing PRAGMATIC Security Measurement System; Chapter 9 - Advanced Information Security Metrics; Chapter 10 - Downsides of Metrics; Chapter 11 - Using PRAGMATIC Metrics in Practice
Chapter 12 - Case Study; Chapter 13 - Conclusions; Appendix A: PRAGMATIC Criteria; Appendix B: Business Model of Information Security (BMIS); Appendix C: Capability Maturity Model (CMM); Appendix D: Example Opinion Survey Form; Appendix E: SABSA Security Attributes Table; Appendix F: Prototype Metrics Catalog; Appendix G: Effect of Weighting the PRAGMATIC Criteria; Appendix H: ISO27k Maturity Scale Metrics; Appendix I: Sample Management Survey; Appendix J: Observer Bias; Appendix K: Observer Calibration; Appendix L: Bibliography; Back Cover
Record Nr. UNINA-9910800036803321
Brotby W. Krag
Boca Raton : CRC Press, Taylor & Francis Group, [2013]
Printed material
Find it here: Univ. Federico II
Pragmatic security metrics : applying metametrics to information security / W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay
Author Brotby W. Krag
Edition [1st edition]
Publication/distribution/printing Boca Raton : CRC Press, Taylor & Francis Group, [2013]
Physical description 1 online resource (xviii, 485 pages) : illustrations
Discipline 658.478
Series Gale eBooks
Topical subject Business enterprises - Computer networks - Security measures
Computer security
Data protection
ISBN 0-429-11156-8
1-4398-8153-7
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Front Cover; Contents; Foreword; Preface; Acknowledgments; Office Memorandum; Chapter 1 - Introduction; Chapter 2 - Why Measure Information Security?; Chapter 3 - The Art and Science of Security Metrics; Chapter 4 - Audiences for Security Metrics; Chapter 5 - Finding Candidate Metrics; Chapter 6 - Metametrics and the PRAGMATIC Approach; Chapter 7 - 150+ Example Security Metrics; Chapter 8 - Designing PRAGMATIC Security Measurement System; Chapter 9 - Advanced Information Security Metrics; Chapter 10 - Downsides of Metrics; Chapter 11 - Using PRAGMATIC Metrics in Practice
Chapter 12 - Case Study; Chapter 13 - Conclusions; Appendix A: PRAGMATIC Criteria; Appendix B: Business Model of Information Security (BMIS); Appendix C: Capability Maturity Model (CMM); Appendix D: Example Opinion Survey Form; Appendix E: SABSA Security Attributes Table; Appendix F: Prototype Metrics Catalog; Appendix G: Effect of Weighting the PRAGMATIC Criteria; Appendix H: ISO27k Maturity Scale Metrics; Appendix I: Sample Management Survey; Appendix J: Observer Bias; Appendix K: Observer Calibration; Appendix L: Bibliography; Back Cover
Record Nr. UNINA-9910818950103321
Brotby W. Krag
Boca Raton : CRC Press, Taylor & Francis Group, [2013]
Printed material
Find it here: Univ. Federico II