Security Risk Management: Building an Information Security Risk Management Program from the Ground Up

by Evan Wheeler
ISBN-10: 1597496154
ISBN-13: 9781597496155
Pub. Date: 05/31/2011
Publisher: Elsevier Science

Overview

Security Risk Management is the definitive guide for building or running an information security risk management program. This book teaches practical techniques that will be used on a daily basis, while also explaining the fundamentals so students understand the rationale behind these practices. It explains how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive text for managing security risks.

This book will help you to break free from the so-called best practices argument by articulating risk exposures in business terms. It includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment. It explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk. It also presents a roadmap for designing and implementing a security risk management program.

This book will be a valuable resource for CISOs, security managers, IT managers, security consultants, IT auditors, security analysts, and students enrolled in information security/assurance college programs.

  • Named a 2011 Best Governance and ISMS Book by InfoSec Reviews
  • Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment
  • Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk
  • Presents a roadmap for designing and implementing a security risk management program

Product Details

ISBN-13: 9781597496155
Publisher: Elsevier Science
Publication date: 05/31/2011
Pages: 360
Sales rank: 728,881
Product dimensions: 7.40(w) x 9.10(h) x 1.00(d)

Table of Contents

Part I – Introduction to Risk Management
  • Chapter 1. The Security Evolution
  • Chapter 2. Risky Business
  • Chapter 3. The Risk Management Lifecycle
  • Chapter 4. Risk Profiling

Part II – Risk Assessment and Analysis Techniques
  • Chapter 5. Formulating a Risk
  • Chapter 6. Risk Exposure Factors
  • Chapter 7. Security Controls and Services
  • Chapter 8. Risk Evaluation and Mitigation Strategies
  • Chapter 9. Reports and Consulting
  • Chapter 10. Risk Assessment Techniques

Part III – Building and Running a Risk Management Program
  • Chapter 11. Threat and Vulnerability Management
  • Chapter 12. Security Risk Reviews
  • Chapter 13. A Blueprint for Security
  • Chapter 14. Building a Program from Scratch

  • Appendix A: Security Risk Profile
  • Appendix B: Risk Models and Scales
  • Appendix C: Architectural Risk Analysis Reference Tables
