In 2006, I published my first book for the information security professional. There was a clear need for a book written at the level of the information security engineer who required a guide on exactly how to perform an information security risk assessment. At the time (and still today), no other book was available that illustrated the steps required to execute an effective assessment of an organization’s information security controls. Now, in its second edition, The Security Risk Assessment Handbook continues to provide directions, techniques, and time-tested methods to properly perform one of the most difficult tasks in information security governance.
Since the publishing of the Handbook, I have performed hundreds of information security ...
Get Information Security Policies, Procedures, and Standards now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.