Information Security Risk Analysis, Second Edition
The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently....
Đã lưu trong:
| Tác giả chính: | |
|---|---|
| Định dạng: | Sách |
| Ngôn ngữ: | English |
| Được phát hành: |
CRC Press
2009
|
| Truy cập trực tuyến: | https://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1427 |
| Các nhãn: |
Thêm thẻ
Không có thẻ, Là người đầu tiên thẻ bản ghi này!
|
| Thư viện lưu trữ: | Thư viện Trường Đại học Đà Lạt |
|---|
| id |
oai:scholar.dlu.edu.vn:DLU123456789-1427 |
|---|---|
| record_format |
dspace |
| spelling |
oai:scholar.dlu.edu.vn:DLU123456789-14272009-12-02T07:32:30Z Information Security Risk Analysis, Second Edition Peltier, Thomas The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently. Information Security Risk Analysis, Second Edition enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process. The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis. INTRODUCTION Frequently asked questions Conclusion RISK MANAGEMENT Overview Risk Management as Part of the Business Process Employee Roles and Responsibilities Information Security Life Cycle Risk Analysis Process Risk Assessment Cost-Benefit Analysis Risk Mitigation Final Thoughts RISK ASSESSMENT PROCESS Introduction Risk Assessment Process Information Is an Asset Risk Assessment Methodology Final Thoughts QUANTITATIVE VERSUS QUALITATIVE RISK ASSESSMENT Introduction Quantitative and Qualitative Pros and Cons Qualitative Risk Assessment Basics Qualitative Risk Assessment Using Tables The 30-Minute Risk Assessment Conclusion OTHER FORMS OF QUALITATIVE RISK ASSESSMENT Introduction Hazard Impact Analysis Questionnaires Single Time Loss Algorithm Conclusion FACILITATED RISK ANALYSIS AND ASSESSMENT PROCESS (FRAAP) Introduction FRAAP Overview Why The FRAAP Was Created Introducing the FRAAP to Your Organization Conclusion VARIATIONS ON THE FRAAP Overview Infrastructure FRAAP Conclusion MAPPING CONTROLS Controls Overview Creating Your Controls List Control List Examples BUSINESS IMPACT ANALYSIS (BIA) Overview Creating a BIA Process CONCLUSION Appendix A: Sample Risk Assessment Management Summary Report Appendix B: Terms and Definitions Appendix C: Bibliography 2009-12-02T07:32:30Z 2009-12-02T07:32:30Z 2005 Book https://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1427 en application/rar CRC Press |
| institution |
Thư viện Trường Đại học Đà Lạt |
| collection |
Thư viện số |
| language |
English |
| description |
The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently.
Information Security Risk Analysis, Second Edition enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process. The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis. |
| format |
Book |
| author |
Peltier, Thomas |
| spellingShingle |
Peltier, Thomas Information Security Risk Analysis, Second Edition |
| author_facet |
Peltier, Thomas |
| author_sort |
Peltier, Thomas |
| title |
Information Security Risk Analysis, Second Edition |
| title_short |
Information Security Risk Analysis, Second Edition |
| title_full |
Information Security Risk Analysis, Second Edition |
| title_fullStr |
Information Security Risk Analysis, Second Edition |
| title_full_unstemmed |
Information Security Risk Analysis, Second Edition |
| title_sort |
information security risk analysis, second edition |
| publisher |
CRC Press |
| publishDate |
2009 |
| url |
https://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1427 |
| _version_ |
1819815070095376384 |