Understanding Risk Management and Compliance, What is Different After Monday, February 24, 2014 [NOOK Book]

Overview

We have new international standards!

The National Institute of Standards and Technology (NIST) released a Framework for Improving Critical Infrastructure Cybersecurity.

A common flow of information and decisions at the following levels within an organization:

• Executive
• Business/Process
• Implementation/Operations
The executive level communicates the mission priorities, ...

See more details below
Understanding Risk Management and Compliance, What is Different After Monday, February 24, 2014

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$4.99
BN.com price

Overview

We have new international standards!

The National Institute of Standards and Technology (NIST) released a Framework for Improving Critical Infrastructure Cybersecurity.

A common flow of information and decisions at the following levels within an organization:

• Executive
• Business/Process
• Implementation/Operations
The executive level communicates the mission priorities, available resources, and overall risk tolerance to the business/process level.

The business/process level uses the information as inputs into the risk management process, and then collaborates with the implementation/operations level to communicate business needs and create a Profile.

The implementation/operations level communicates the Profile implementation progress to the business/process level.

The business/process level uses this information to perform an impact assessment.

Business/process level management reports the outcomes of that impact assessment to the executive level to inform the organization's overall risk management process and to the implementation/operations level for awareness of business impact.

Very interesting!

Also, the three main elements described in the document are the framework core, tiers and profiles.

The core presents five functions—identify, protect, detect, respond and recover—that taken together allow any organization to understand and shape its cybersecurity program.

The tiers describe the degree to which an organization's cybersecurity risk management meets goals set out in the framework and "range from informal, reactive responses to agile and risk-informed.

The profiles help organizations progress from a current level of cybersecurity sophistication to a target improved state that meets business needs.

This is a good time for a framework like that!

Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing security, economy, and public safety and health at risk.

Similar to financial and reputational risk, cybersecurity risk affects a company's bottom line.

It can drive up costs and impact revenue. It can harm an organization's ability to innovate and to gain and maintain customers.

To better address these risks, the President issued Executive Order 13636, "Improving Critical Infrastructure Cybersecurity," on February 12, 2013, which established that "it is the Policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties."

Read more at Number 2 below.

Welcome to the Top 10 list.

Read More Show Less

Product Details

Meet the Author

George Lekatis is the General Manager of Compliance LLC, a leading provider of risk and compliance training and executive coaching in 36 countries.George has more than 17,000 hours experience as a professional speaker and seminar leader. He has worked for more than 18 years as a management consultant and educator and has demonstrated exceptional presentation and communication skills.George is the president of the Basel ii Compliance Professionals Association (BCPA, basel-ii-association.com), the largest association of Basel ii professionals in the world, and the Basel iii Compliance Professionals Association (BiiiCPA, basel-iii-association.com), the largest association of Basel iii professionals in the world.George is also president of the Sarbanes Oxley Compliance Professionals Association (SOXCPA, sarbanes-oxley-association.com), the largest Association of Sarbanes Oxley professionals in the worldGeorge is an expert witness, qualified to investigate and testify about risk and compliance management standards, policies, procedures, best practices, due care and due diligence.
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)