Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAPcm CBK

Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAP CBK demonstrates the practicality and effectiveness of certification and accreditation (C&A) as a risk management methodology for IT systems in both public and private organizations. It...

Bibliographic Details
Main Author: Howard, Patrick
Format: Book
Language: English
Published: CRC Press 2009
Online Access: http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1442
Holding library: Thư viện Trường Đại học Đà Lạt
id oai:scholar.dlu.edu.vn:DLU123456789-1442
record_format dspace
spelling oai:scholar.dlu.edu.vn:DLU123456789-1442 2009-12-02T08:03:00Z
Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAPcm CBK
Howard, Patrick
Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAP CBK demonstrates the practicality and effectiveness of certification and accreditation (C&A) as a risk management methodology for IT systems in both public and private organizations. It provides security professionals with an overview of C&A components, enabling them to document the status of the security controls of their IT systems, and learn how to secure systems via standard, repeatable processes. This book consists of four main sections. It begins with a description of what it takes to build a certification and accreditation program at the organization level, followed by an analysis of various C&A processes and how they interrelate. The text then provides a case study of the successful implementation of certification and accreditation in a major U.S. government department. It concludes by offering a collection of helpful samples in the appendices.
Building a Successful Enterprise Certification and Accreditation Program; Key Elements of an Enterprise Certification and Accreditation Program; Certification and Accreditation Roles and Responsibilities; The Certification and Accreditation Life Cycle; Why Certification and Accreditation Programs Fail; Certification and Accreditation Processes; Certification and Accreditation Project Planning; System Inventory Process; Assessing Data Sensitivity and Criticality; System Security Plans; Coordinating Security for Interconnected Systems; Minimum Security Baselines and Best Practices; Assessing Risk; Security Procedures; Certification Testing; Remediation Planning; Essential Certification and Accreditation Documentation; Documenting the Accreditation Decision; Certification and Accreditation Case Study; The Future of Certification and Accreditation; Appendices; Certification and Accreditation References; Glossary; Sample Statement of Work; Sample Project Work Plan; Sample Project Kickoff Presentation Outline; Sample Project Wrap-Up Presentation Outline; Sample System Inventory Policy; Sample Business Impact Assessment; Sample Rules of Behavior (General Support System); Sample Rules of Behavior (Major Application); Sample System Security Plan Outline; Sample Memorandum of Understanding; Sample Interconnection Security Agreement; Sample Risk Assessment Outline; Sample Security Procedure; Sample Certification Test Results Matrix; Sample Risk Remediation Plan; Sample Certification Statement; Sample Accreditation Letter; Sample Interim Accreditation Letter
2009-12-02T08:03:00Z 2009-12-02T08:03:00Z 2005 Book http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1442 en application/rar CRC Press
institution Thư viện Trường Đại học Đà Lạt
collection Thư viện số
language English
description Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAP CBK demonstrates the practicality and effectiveness of certification and accreditation (C&A) as a risk management methodology for IT systems in both public and private organizations. It provides security professionals with an overview of C&A components, enabling them to document the status of the security controls of their IT systems, and learn how to secure systems via standard, repeatable processes. This book consists of four main sections. It begins with a description of what it takes to build a certification and accreditation program at the organization level, followed by an analysis of various C&A processes and how they interrelate. The text then provides a case study of the successful implementation of certification and accreditation in a major U.S. government department. It concludes by offering a collection of helpful samples in the appendices.
format Book
author Howard, Patrick
title Building and Implementing a Security Certification and Accreditation Program: Official (ISC)2 Guide to the CAPcm CBK
publisher CRC Press
publishDate 2009
url http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1442
_version_ 1757677423499935744