Information Risk Management a Practitioner's Guide
This book provides a practical guide to implementing an information risk management process. The author takes you logically through the steps required to identify, assess and manage information risks within an organisation. Each step is explained clearly, supported by several generic examples, such...
Main Author: | |
---|---|
Format: | eBook |
Language: | English |
Published: |
London
BCS
2014
|
Subjects: | |
Online Access: | |
Collection: | O'Reilly - Collection details see MPG.ReNa |
Summary: | This book provides a practical guide to implementing an information risk management process. The author takes you logically through the steps required to identify, assess and manage information risks within an organisation. Each step is explained clearly, supported by several generic examples, such as examples of threats and vulnerabilities, as well as the types of controls to treat risk. Ways of presenting the risks, as well as supporting business cases, are also discussed. Other topics include: coverage of the CESG scheme, HMG security-related documents, such as the security policy framework and UK Government security classification scheme, typical threats and hazards, typical vulnerabilities, risk controls, methodologies and tools, and templates. There are references throughout to any appropriate standards, such as ISO27001 and ISO27005. -- |
---|---|
Physical Description: | 210 pages |
ISBN: | 9781780172675 9781780172668 9781780172682 1780172672 1780172664 |