IT Security Risk Control Management An Audit Preparation Plan
Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking. IT Security...
| Main Author: | |
|---|---|
| Format: | eBook |
| Language: | English |
| Published: |
Berkeley, CA
Apress
2016, 2016
|
| Edition: | 1st ed. 2016 |
| Subjects: | |
| Online Access: | |
| Collection: | Springer eBooks 2005- - Collection details see MPG.ReNa |
Table of Contents:
- Part I: Getting a Handle on Things
- Chapter 1: Why Audit. Chapter 2: Assume Breach. Chapter 3: Risk Analysis: Assets and Impacts. Chapter 4: Risk Analysis: Natural Threats. Chapter 5: Risk Analysis: Adversarial Risk. Part II: Wrangling the Organization
- Chapter 6: Scope. Chapter 7: Governance. Chapter 8: Talking to the Suits. Chapter 9: Talking to the Techs. Chapter 10: Talking to the Users. Part III: Managing Risk with Controls
- Chapter 11: Policy. Chapter 12: Control Design. Chapter 13: Administrative Controls. Chapter 14: Vulnerability Management. Chapter 15: People Controls. Chapter 16: Logical Access Control. Chapter 17: Network Security Controls. Chapter 18: More Technical Controls. Chapter 19: Physical Security Controls. Part IV: Being Audited.-C hapter 20: Response Controls. Chapter 21: Starting the Audit. Chapter 22: Internal Audit. Chapter 23: Third Party Security. Chapter 24: Post Audit Improvement.