Information Risk Management: A Practitioner's Guide

Add to Wishlist

Information Risk Management: A Practitioner's Guide

Paperback(2nd ed.)

$58.99

View All Available Formats & Editions

Paperback(2nd ed.)
$58.99

View All Available Formats & Editions

SHIP THIS ITEM

In stock. Ships in 1-2 days.
PICK UP IN STORE

Your local store may have stock of this item.

Available within 2 business hours

Want it Today?
Check Store Availability

Related collections and offers

Overview

Information risk management (IRM) is about identifying, assessing, prioritising and treating risks to keep information secure and available. This accessible book is a practical guide to understanding the principles of IRM and developing a strategic approach to an IRM programme. It is the only textbook for the BCS Practitioner Certificate in Information Risk Management and this new edition reflects recent changes to the syllabus and to the wider discipline.

Product Details

ISBN-13:	9781780175720
Publisher:	BCS, the Chartered Institute for IT
Publication date:	09/27/2021
Edition description:	2nd ed.
Pages:	274
Product dimensions:	6.69(w) x 9.61(h) x 0.51(d)

About the Author

David Sutton's career in IT spans more than 50 years and includes voice and data networking, information security and critical information infrastructure protection. He has been a member of the BCS Professional Certification Information Security Panel since 2005 and has delivered lectures on information risk management and business continuity at the Royal Holloway University of London. He is the author of BCS book 'Cyber Security' and co-author of 'Information Security Management Principles' and 'Data Governance.'

1. The need for information risk management

2. Review of information security fundamentals

3. The information risk management programme

4. Risk identification

5. Threat and vulnerability assessment

6. Risk analysis and risk evaluation

7. Risk treatment

8. Risk reporting and presentation

9. Communication, consultation, monitoring and review

10. The NCSC Certified Certification scheme

11. HMG Security-related documents

12. Appendix A – Taxonomies and descriptions

13. Appendix B – Typical threats and hazards

14. Appendix C – Typical vulnerabilities

15. Appendix D – Information Risk Controls

16. Appendix E – Methodologies, guidelines and tools

17. Appendix F - Templates

18. Appendix G – HMG cyber security guidelines

19. References and further reading

From the B&N Reads Blog

Page 1 of

Editorial Reviews

Information risk management is an integral part of every business and the author presents its lifecycle in an easy-to-follow and well-organised format with real-life examples, tools and templates. I highly recommend the book also as a valuable reference for legislation, standards, methodologies and frameworks for risk professionals to follow.

Sema Yuce CISM CRISC CISA

This book is essential reading for any risk management practitioner. The author’s many years of practical experience in the subject shine through, it is clearly written and easy to follow. The book sets out the best approach when identifying and evaluating risk and the factors to consider when treating it in a pragmatic way. The examples give context and aid understanding and the appendices are comprehensive and a go-to source of useful information on risk. Highly recommended, this will be on my bookshelf.

David Alexander

This book should be mandatory reading within any business to understand the scale and scope of the landscape within which their information security and assurance professionals need to operate.

Andrea Simmons PhD FBCS CITP CISM CISSP MA CIPP/E CIPM

Information risk management is an integral part of every business and the author presents its lifecycle in an easy-to-follow and well-organised format with real-life examples, tools and templates. I highly recommend the book also as a valuable reference for legislation, standards, methodologies and frameworks for risk professionals to follow.

Sema Yuce

Information is the 21st century’s new gold and protecting such a volatile asset is a tremendous challenge. This book provides many keys to understanding important concepts and possible approaches for mitigating the associated risks.

Lionel Dupré

This book is a well written and illustrated throughout, covering the subject area to a sufficient level of detail for both novices and experienced practitioners requiring a refresher. A very practical and complete guide to managing risks within an organisation.

Mehmet Hurer

Information is the 21st century’s new gold and protecting such a volatile asset is a tremendous challenge. This book provides many keys to understanding important concepts and possible approaches for mitigating the associated risks.

Lionel Dupré

Anyone wishing to become an InfoSec risk management practitioner MUST purchase this book. David has produced an extremely useful and readable book for those entering this discipline and indeed those practitioners wishing to have an invaluable reference resource sitting on their bookshelf. I highly recommended it.

John Hughes

Information Risk Management: A Practitioner's Guide

Information Risk Management: A Practitioner's Guide

Paperback(2nd ed.)

Paperback(2nd ed.)

Related collections and offers

Overview

Product Details

About the Author

Table of Contents

Customer Reviews

Related collections and offers

Overview

Product Details

About the Author

Table of Contents

Related Subjects

Customer Reviews