Information security fundamentals
"Effective security rules and procedures do not exist for their own sake-they are put in place to protect critical assets, thereby supporting overall business objectives. Recognizing security as a business enabler is the first step in building a successful program. Information Security Fundamen...
Main Author: | |
---|---|
Format: | eBook |
Language: | English |
Published: |
Boca Raton [Florida]
CRC Press, Taylor & Francis Group
2014
|
Edition: | Second edition |
Subjects: | |
Online Access: | |
Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- 1. Developing Policies
- 2. Organization of Information Security
- 3. Cryptology
- 4. Risk Management: The Facilitated Risk Analysis and Assessment Process
- 5. Building and Maintaining an Effective Security Awareness Program
- 6. Physical Security
- 7. Disaster Recovery and Business Continuity Planning
- 8. Continuity of Operations Planning
- 9. Access Controls
- 10. Information System Development, Acquisition, and Maintenance
- 11. Information Security Incident Management
- 12. Asset Classification
- 13. Threats to Information Security
- 14. Information Security Policies: A Practitioner's View
- Glossary
- Appendix A. Facilitated Risk Analysis and Assessment Process (FRAAP)
- Appendix B. Business Impact Analysis
- Includes bibliographical references