Book description
Security Risk Management is the definitive guide for building or running an information security risk management program. This book teaches practical techniques that will be used on a daily basis, while also explaining the fundamentals so students understand the rationale behind these practices. It explains how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive-level management. While other books focus entirely on risk analysis methods, this is the first comprehensive text for managing security risks.
This book will help you to break free from the so-called best practices argument by articulating risk exposures in business terms. It includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment. It explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk. It also presents a roadmap for designing and implementing a security risk management program.
This book will be a valuable resource for CISOs, security managers, IT managers, security consultants, IT auditors, security analysts, and students enrolled in information security/assurance college programs.
- Named a 2011 Best Governance and ISMS Book by InfoSec Reviews
- Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment
- Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk
- Presents a roadmap for designing and implementing a security risk management program
Table of contents
- Cover Image
- Content
- Title
- Front Matter
- Copyright
- Preface
- Acknowledgments
- About the Author
- About the Technical Editor
- PART I. Introduction to Risk Management
- PART II. Risk Assessment and Analysis Techniques
- PART III. Building and Running a Risk Management Program
- APPENDIX A. Sample Security Risk Profile
- APPENDIX B. Qualitative Risk Scale Reference Tables
- APPENDIX C. Architectural Risk Analysis Reference Tables
- Index
Product information
- Title: Security Risk Management
- Author(s):
- Release date: April 2011
- Publisher(s): Syngress
- ISBN: 9781597496162