Image from Google Jackets

Information security governance simplified : from the boardroom to the keyboard / Todd Fitzgerald.

By: Fitzgerald, Todd [author.]Material type: TextTextPublisher: Boca Raton : CRC Press, 2012Description: 1 online resource (xxviii, 403 pages)ISBN: 9780429131905; 9781466551282Subject(s): Information networks -- Security measures | Business intelligence | Information resources management | Information technology -- Security measuresAdditional physical formats: Print version: : No titleDDC classification: 005.8 LOC classification: TK5105.59 | .F58 2012Online access: Click here to view.
Contents:
ch. 1. Getting information security right : top to bottom ch. 2. Developing information security strategy ch. 3. Defining the security management organization ch. 4. Interacting with the C-suite ch. 5. Managing risk to an acceptable level ch. 6. Creating effective information security policies ch. 7. Security compliance using control frameworks ch. 8. Managerial controls : practical security considerations ch. 9. Technical controls : practical security considerations ch. 10. Operational controls : practical security considerations ch. 11. The auditors have arrived, now what? ch. 12. Effective security communications ch. 13. The law and information security ch. 14. Learning from information security incidents ch. 15. 17 ways to dismantle information security governance efforts.
Summary: Security practitioners must be able to build cost-effective security programs while also complying with government regulations. Information Security Governance Simplified: From the Boardroom to the Keyboard lays out these regulations in simple terms and explains how to use control frameworks to build an air-tight information security (IS) program and governance structure.Defining the leadership skills required by IS officers, the book examines the pros and cons of different reporting structures and highlights the various control frameworks available. It details the functions of the security department and considers the control areas, including physical, network, application, business continuity/disaster recover, and identity management. Todd Fitzgerald explains how to establish a solid foundation for building your security program and shares time-tested insights about what works and what doesn't when building an IS program. Highlighting security considerations for managerial, technical, and operational controls, it provides helpful tips for selling your program to management. It also includes tools to help you create a workable IS charter and your own IS policies. Based on proven experience rather than theory, the book gives you the tools and real-world insight needed to secure your information while ensuring compliance with government regulations. -- Provided by publisher.
Holdings
Item type Current library Home library Class number Status Date due Barcode Item reservations
E-book E-book Electronic publication Electronic publication Available
Total reservations: 0

An Auerbach book.

ch. 1. Getting information security right : top to bottom ch. 2. Developing information security strategy ch. 3. Defining the security management organization ch. 4. Interacting with the C-suite ch. 5. Managing risk to an acceptable level ch. 6. Creating effective information security policies ch. 7. Security compliance using control frameworks ch. 8. Managerial controls : practical security considerations ch. 9. Technical controls : practical security considerations ch. 10. Operational controls : practical security considerations ch. 11. The auditors have arrived, now what? ch. 12. Effective security communications ch. 13. The law and information security ch. 14. Learning from information security incidents ch. 15. 17 ways to dismantle information security governance efforts.

Security practitioners must be able to build cost-effective security programs while also complying with government regulations. Information Security Governance Simplified: From the Boardroom to the Keyboard lays out these regulations in simple terms and explains how to use control frameworks to build an air-tight information security (IS) program and governance structure.Defining the leadership skills required by IS officers, the book examines the pros and cons of different reporting structures and highlights the various control frameworks available. It details the functions of the security department and considers the control areas, including physical, network, application, business continuity/disaster recover, and identity management. Todd Fitzgerald explains how to establish a solid foundation for building your security program and shares time-tested insights about what works and what doesn't when building an IS program. Highlighting security considerations for managerial, technical, and operational controls, it provides helpful tips for selling your program to management. It also includes tools to help you create a workable IS charter and your own IS policies. Based on proven experience rather than theory, the book gives you the tools and real-world insight needed to secure your information while ensuring compliance with government regulations. -- Provided by publisher.

There are no comments on this title.

to post a comment.