Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Information risk management : a practitioner's guide / / David Sutton
| Information risk management : a practitioner's guide / / David Sutton |
| Autore | Sutton David (Information security practitioner) |
| Edizione | [1st edition] |
| Pubbl/distr/stampa | Wiltshire, England : , : BCS The Chartered Institute for IT, , 2014 |
| Descrizione fisica | 1 online resource (245 p.) |
| Disciplina | 658.4038 |
| Soggetto topico | Information technology - Management |
| Soggetto genere / forma | Electronic books. |
| ISBN |
1-78017-265-6
1-78017-266-4 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; CONTENTS; LIST OF FIGURES AND TABLES; AUTHOR; ACKNOWLEDGMENTS; ABBREVIATIONS; DEFINITIONS, STANDARDS AND GLOSSARY OF TERMS; PREFACE; 1 THE NEED FOR INFORMATION RISK MANAGEMENT; INTRODUCTION; WHAT IS INFORMATION?; THE INFORMATION LIFE CYCLE; WHO SHOULD USE INFORMATION RISK MANAGEMENT?; THE LEGAL FRAMEWORK; THE CONTEXT OF RISK IN THE ORGANISATION; THE BENEFITS OF TAKING ACCOUNT OF INFORMATION RISK; OVERVIEW OF THE INFORMATION RISK MANAGEMENT PROCESS; 2 REVIEW OF INFORMATION SECURITY FUNDAMENTALS; INFORMATION CLASSIFICATION; PLAN, DO, CHECK, ACT
3 THE INFORMATION RISK MANAGEMENT PROGRAMMEGOALS, SCOPE AND OBJECTIVES; ROLES AND RESPONSIBILITIES; GOVERNANCE OF THE RISK MANAGEMENT PROGRAMME; INFORMATION RISK MANAGEMENT CRITERIA; 4 RISK IDENTIFICATION; THE APPROACH TO RISK IDENTIFICATION; IMPACT ASSESSMENT; TYPES OF IMPACT; QUALITATIVE AND QUANTITATIVE ASSESSMENTS; 5 THREAT AND VULNERABILITY ASSESSMENT; CONDUCTING THREAT ASSESSMENTS; CONDUCTING VULNERABILITY ASSESSMENTS; IDENTIFICATION OF EXISTING CONTROLS; 6 RISK ANALYSIS AND RISK EVALUATION; ASSESSMENT OF LIKELIHOOD; RISK ANALYSIS; RISK EVALUATION; 7 RISK TREATMENT STRATEGIC RISK OPTIONSTACTICAL RISK MANAGEMENT CONTROLS; OPERATIONAL RISK MANAGEMENT CONTROLS; EXAMPLES OF CRITICAL CONTROLS AND CONTROL CATEGORIES; 8 RISK REPORTING AND PRESENTATION; BUSINESS CASES; RISK TREATMENT DECISION-MAKING; RISK TREATMENT PLANNING AND IMPLEMENTATION; BUSINESS CONTINUITY AND DISASTER RECOVERY; 9 COMMUNICATION, CONSULTATION, MONITORING AND REVIEW; COMMUNICATION; CONSULTATION; RISK REVIEWS AND MONITORING; 10 THE CESG IA CERTIFICATION SCHEME; THE CESG IA CERTIFICATION SCHEME; SKILLS FRAMEWORK FOR THE INFORMATION AGE (SFIA); THE IISP INFORMATION SECURITY SKILLS FRAMEWORK 11 HMG SECURITY-RELATED DOCUMENTSHMG SECURITY POLICY FRAMEWORK; UK GOVERNMENT SECURITY CLASSIFICATIONS; APPENDIX A TAXONOMIES AND DESCRIPTIONS; INFORMATION RISK; TYPICAL IMPACTS OR CONSEQUENCES; APPENDIX B TYPICAL THREATS AND HAZARDS; MALICIOUS INTRUSION (HACKING); ENVIRONMENTAL THREATS; ERRORS AND FAILURES; SOCIAL ENGINEERING; MISUSE AND ABUSE; PHYSICAL THREATS; MALWARE; APPENDIX C TYPICAL VULNERABILITIES; ACCESS CONTROL; POOR PROCEDURES; PHYSICAL AND ENVIRONMENTAL SECURITY; COMMUNICATIONS AND OPERATIONS MANAGEMENT; PEOPLE-RELATED SECURITY FAILURES; APPENDIX D INFORMATION RISK CONTROLS STRATEGIC CONTROLSTACTICAL CONTROLS; OPERATIONAL CONTROLS; CRITICAL SECURITY CONTROLS VERSION 5.0; ISO/IEC 27001 CONTROLS; NIST SPECIAL PUBLICATION 800-53 REVISION 4; APPENDIX E METHODOLOGIES, GUIDELINES AND TOOLS; METHODOLOGIES; OTHER GUIDELINES AND TOOLS; APPENDIX F TEMPLATES; APPENDIX G HMG CYBER SECURITY GUIDELINES; HMG CYBER ESSENTIALS SCHEME; 10 STEPS TO CYBER SECURITY; APPENDIX H REFERENCES AND FURTHER READING; PRIMARY UK LEGISLATION; GOOD PRACTICE GUIDELINES; OTHER REFERENCE MATERIAL; CESG CERTIFIED PROFESSIONAL SCHEME; OTHER UK GOVERNMENT PUBLICATIONS; RISK MANAGEMENT METHODOLOGIES NEWS ARTICLES ETC. |
| Record Nr. | UNINA-9910463651603321 |
Sutton David (Information security practitioner)
|
||
| Wiltshire, England : , : BCS The Chartered Institute for IT, , 2014 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Information risk management : a practitioner's guide / / David Sutton
| Information risk management : a practitioner's guide / / David Sutton |
| Autore | Sutton David (Information security practitioner) |
| Edizione | [1st edition] |
| Pubbl/distr/stampa | Wiltshire, England : , : BCS The Chartered Institute for IT, , 2014 |
| Descrizione fisica | 1 online resource (245 p.) |
| Disciplina | 658.4038 |
| Soggetto topico | Information technology - Management |
| Soggetto genere / forma | Electronic books. |
| ISBN |
1-78017-265-6
1-78017-266-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover; Copyright; CONTENTS; LIST OF FIGURES AND TABLES; AUTHOR; ACKNOWLEDGMENTS; ABBREVIATIONS; DEFINITIONS, STANDARDS AND GLOSSARY OF TERMS; PREFACE; 1 THE NEED FOR INFORMATION RISK MANAGEMENT; INTRODUCTION; WHAT IS INFORMATION?; THE INFORMATION LIFE CYCLE; WHO SHOULD USE INFORMATION RISK MANAGEMENT?; THE LEGAL FRAMEWORK; THE CONTEXT OF RISK IN THE ORGANISATION; THE BENEFITS OF TAKING ACCOUNT OF INFORMATION RISK; OVERVIEW OF THE INFORMATION RISK MANAGEMENT PROCESS; 2 REVIEW OF INFORMATION SECURITY FUNDAMENTALS; INFORMATION CLASSIFICATION; PLAN, DO, CHECK, ACT
3 THE INFORMATION RISK MANAGEMENT PROGRAMMEGOALS, SCOPE AND OBJECTIVES; ROLES AND RESPONSIBILITIES; GOVERNANCE OF THE RISK MANAGEMENT PROGRAMME; INFORMATION RISK MANAGEMENT CRITERIA; 4 RISK IDENTIFICATION; THE APPROACH TO RISK IDENTIFICATION; IMPACT ASSESSMENT; TYPES OF IMPACT; QUALITATIVE AND QUANTITATIVE ASSESSMENTS; 5 THREAT AND VULNERABILITY ASSESSMENT; CONDUCTING THREAT ASSESSMENTS; CONDUCTING VULNERABILITY ASSESSMENTS; IDENTIFICATION OF EXISTING CONTROLS; 6 RISK ANALYSIS AND RISK EVALUATION; ASSESSMENT OF LIKELIHOOD; RISK ANALYSIS; RISK EVALUATION; 7 RISK TREATMENT STRATEGIC RISK OPTIONSTACTICAL RISK MANAGEMENT CONTROLS; OPERATIONAL RISK MANAGEMENT CONTROLS; EXAMPLES OF CRITICAL CONTROLS AND CONTROL CATEGORIES; 8 RISK REPORTING AND PRESENTATION; BUSINESS CASES; RISK TREATMENT DECISION-MAKING; RISK TREATMENT PLANNING AND IMPLEMENTATION; BUSINESS CONTINUITY AND DISASTER RECOVERY; 9 COMMUNICATION, CONSULTATION, MONITORING AND REVIEW; COMMUNICATION; CONSULTATION; RISK REVIEWS AND MONITORING; 10 THE CESG IA CERTIFICATION SCHEME; THE CESG IA CERTIFICATION SCHEME; SKILLS FRAMEWORK FOR THE INFORMATION AGE (SFIA); THE IISP INFORMATION SECURITY SKILLS FRAMEWORK 11 HMG SECURITY-RELATED DOCUMENTSHMG SECURITY POLICY FRAMEWORK; UK GOVERNMENT SECURITY CLASSIFICATIONS; APPENDIX A TAXONOMIES AND DESCRIPTIONS; INFORMATION RISK; TYPICAL IMPACTS OR CONSEQUENCES; APPENDIX B TYPICAL THREATS AND HAZARDS; MALICIOUS INTRUSION (HACKING); ENVIRONMENTAL THREATS; ERRORS AND FAILURES; SOCIAL ENGINEERING; MISUSE AND ABUSE; PHYSICAL THREATS; MALWARE; APPENDIX C TYPICAL VULNERABILITIES; ACCESS CONTROL; POOR PROCEDURES; PHYSICAL AND ENVIRONMENTAL SECURITY; COMMUNICATIONS AND OPERATIONS MANAGEMENT; PEOPLE-RELATED SECURITY FAILURES; APPENDIX D INFORMATION RISK CONTROLS STRATEGIC CONTROLSTACTICAL CONTROLS; OPERATIONAL CONTROLS; CRITICAL SECURITY CONTROLS VERSION 5.0; ISO/IEC 27001 CONTROLS; NIST SPECIAL PUBLICATION 800-53 REVISION 4; APPENDIX E METHODOLOGIES, GUIDELINES AND TOOLS; METHODOLOGIES; OTHER GUIDELINES AND TOOLS; APPENDIX F TEMPLATES; APPENDIX G HMG CYBER SECURITY GUIDELINES; HMG CYBER ESSENTIALS SCHEME; 10 STEPS TO CYBER SECURITY; APPENDIX H REFERENCES AND FURTHER READING; PRIMARY UK LEGISLATION; GOOD PRACTICE GUIDELINES; OTHER REFERENCE MATERIAL; CESG CERTIFIED PROFESSIONAL SCHEME; OTHER UK GOVERNMENT PUBLICATIONS; RISK MANAGEMENT METHODOLOGIES NEWS ARTICLES ETC. |
| Record Nr. | UNINA-9910537610603321 |
|
Sutton David (Information security practitioner)
|
||
| Wiltshire, England : , : BCS The Chartered Institute for IT, , 2014 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||