Practical Guide to Security Assessments, A

* Provides a detailed step-by-step methodology for performing an information security assessment * Details the history of information security and its evolution as a discipline * Covers ISO 17799, COBIT, and other standards * Includes a HIPAA questionnaire containing questions that ma...

Mô tả đầy đủ

Đã lưu trong:
Chi tiết về thư mục
Tác giả chính: Kairab, Sudhanshu
Định dạng: Sách
Ngôn ngữ:English
Được phát hành: CRC Press 2009
Truy cập trực tuyến:http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1367
Các nhãn: Thêm thẻ
Không có thẻ, Là người đầu tiên thẻ bản ghi này!
Thư viện lưu trữ: Thư viện Trường Đại học Đà Lạt
id oai:scholar.dlu.edu.vn:DLU123456789-1367
record_format dspace
spelling oai:scholar.dlu.edu.vn:DLU123456789-13672009-12-01T07:21:30Z Practical Guide to Security Assessments, A Kairab, Sudhanshu * Provides a detailed step-by-step methodology for performing an information security assessment * Details the history of information security and its evolution as a discipline * Covers ISO 17799, COBIT, and other standards * Includes a HIPAA questionnaire containing questions that map to all HIPAA security requirements * Contains questionnaires that cover common areas of information security * All questionnaires contain guidance to provide the user with a detailed explanation of why a question is relevant and what some of the potential related risks are * Offers more than 200 questions to ask during assessments The modern dependence upon information technology and the corresponding information security regulations and requirements force companies to evaluate the security of their core business processes, mission critical data, and supporting IT environment. Combine this with a slowdown in IT spending resulting in justifications of every purchase, and security professionals are forced to scramble to find comprehensive and effective ways to assess their environment in order to discover and prioritize vulnerabilities, and to develop cost-effective solutions that show benefit to the business. A Practical Guide to Security Assessments is a process-focused approach that presents a structured methodology for conducting assessments. The key element of the methodology is an understanding of business goals and processes, and how security measures are aligned with business risks. The guide also emphasizes that resulting security recommendations should be cost-effective and commensurate with the security risk. The methodology described serves as a foundation for building and maintaining an information security program. In addition to the methodology, the book includes an Appendix that contains questionnaires that can be modified and used to conduct security assessments. This guide is for security professionals who can immediately apply the methodology on the job, and also benefits management who can use the methodology to better understand information security and identify areas for improvement. INTRODUCTION EVOLUTION OF INFORMATION SECURITY INFORMATION SECURITY PROGRAM AND HOW SECURITY ASSESSMENTS FIT IN PLANNING INITIAL INFORMATION GATHERING BUSINESS PROCESS EVALUATION RISK ANALYSIS AND FINAL PRESENTATION INFORMATION SECURITY STANDARDS INFORMATION SECURITY LEGISLATION APPENDIX - SECURITY QUESTIONNAIRES/ CHECKLISTS 2009-12-01T07:21:29Z 2009-12-01T07:21:29Z 2004 Book http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1367 en application/rar CRC Press
institution Thư viện Trường Đại học Đà Lạt
collection Thư viện số
language English
description * Provides a detailed step-by-step methodology for performing an information security assessment * Details the history of information security and its evolution as a discipline * Covers ISO 17799, COBIT, and other standards * Includes a HIPAA questionnaire containing questions that map to all HIPAA security requirements * Contains questionnaires that cover common areas of information security * All questionnaires contain guidance to provide the user with a detailed explanation of why a question is relevant and what some of the potential related risks are * Offers more than 200 questions to ask during assessments The modern dependence upon information technology and the corresponding information security regulations and requirements force companies to evaluate the security of their core business processes, mission critical data, and supporting IT environment. Combine this with a slowdown in IT spending resulting in justifications of every purchase, and security professionals are forced to scramble to find comprehensive and effective ways to assess their environment in order to discover and prioritize vulnerabilities, and to develop cost-effective solutions that show benefit to the business. A Practical Guide to Security Assessments is a process-focused approach that presents a structured methodology for conducting assessments. The key element of the methodology is an understanding of business goals and processes, and how security measures are aligned with business risks. The guide also emphasizes that resulting security recommendations should be cost-effective and commensurate with the security risk. The methodology described serves as a foundation for building and maintaining an information security program. In addition to the methodology, the book includes an Appendix that contains questionnaires that can be modified and used to conduct security assessments. This guide is for security professionals who can immediately apply the methodology on the job, and also benefits management who can use the methodology to better understand information security and identify areas for improvement.
format Book
author Kairab, Sudhanshu
spellingShingle Kairab, Sudhanshu
Practical Guide to Security Assessments, A
author_facet Kairab, Sudhanshu
author_sort Kairab, Sudhanshu
title Practical Guide to Security Assessments, A
title_short Practical Guide to Security Assessments, A
title_full Practical Guide to Security Assessments, A
title_fullStr Practical Guide to Security Assessments, A
title_full_unstemmed Practical Guide to Security Assessments, A
title_sort practical guide to security assessments, a
publisher CRC Press
publishDate 2009
url http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1367
_version_ 1757660190889476096