"A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom." - Ronald W. Hull, author, poet, and former professor and university administrator A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threats, opportunities, and vulnerabilities risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory constructs and concepts with appropriate reference to standards and the respective guidelines. Normative decision theory attempts to establish a rational framework for choosing between alternative courses of action when the outcomes resulting from the selection are uncertain. Through the methodological application, decision theory techniques can provide objectives determination, interaction assessments, performance estimates, and organizational analysis. A normative model prescribes what should exist according to an assumption or rule.

In this new and exciting seventh edition, Technology Management continues to provide R&D managers with essential insight and information to address the most important challenges and opportunities of their profession. Divided into six sections, with contributions from experts in their field, this book is a current, complete reference guide into the ever-changing landscape of technology management.

A Standard for Auditing Computer Applications is a dynamic new resource for evaluating all aspects of automated business systems and systems environments. At the heart of A Standard for Auditing Computer Applications system is a set of customizable workpapers that provide blow-by-blow coverage of all phases of the IT audit process for traditional mainframe, distributed processing, and client/server environments.A Standard for Auditing Computer Applications was developed by Marty Krist, an acknowledged and respected expert in IT auditing. Drawing upon his more than twenty years of auditing experience with leading enterprise organizations, worldwide, Marty walks you step-by-step through the audit process for system environments and specific applications and utilities. He clearly spells out what you need to look for and where to look for it, and he provides expert advice and guidance on how to successfully address a problem when you find one.When you order A Standard for Auditing Computer Applications, you receive a powerful package containing all the forms, checklists, and templates you'll ever need to conduct successful audits on downloadable resources. Designed to function as a handy, on-the-job resource, the book follows a concise, quick-access format. It begins with an overview of the general issues inherent in any IT review. This is followed by a comprehensive review of the audit planning process. The remainder of the book provides you with detailed, point-by-point breakdowns along with proven tools for:evaluating systems environments-covers all the bases, including IT administration, security, backup and recovery planning, systems development, and moreEvaluating existing controls for determining hardware and software reliabilityAssessing the new system development processEvaluating all aspects of individual applications, from I/O, processing and logical and physical security to documentation, training, and programmed proceduresAssessing specific applications and utilities, including e-mail, groupware, finance and accounting applications, CAD, R&D, production applications, and more

A Practical Introduction to Enterprise Network and Security Management, Second Edition, provides a balanced understanding of introductory and advanced subjects in both computer networking and cybersecurity. Although much of the focus is on technical concepts, managerial issues related to enterprise network and security planning and design are explained from a practitioner's perspective. Because of the critical importance of cybersecurity in today's enterprise networks, security-related issues are explained throughout the book, and four chapters are dedicated to fundamental knowledge. Challenging concepts are explained so readers can follow through with careful reading. This book is written for those who are self-studying or studying information systems or computer science in a classroom setting. If used for a course, it has enough material for a semester or a quarter. FEATURES Provides both theoretical and practical hands-on knowledge and learning experiences for computer networking and cybersecurity Offers a solid knowledge base for those preparing for certificate tests, such as CompTIA and CISSP Takes advantage of actual cases, examples, industry products, and services so students can relate concepts and theories to practice Explains subjects in a systematic and practical manner to facilitate understanding Includes practical exercise questions that can be individual or group assignments within or without a classroom Contains several information-rich screenshots, figures, and tables carefully constructed to solidify concepts and enhance visual learning The text is designed for students studying information systems or computer science for the first time. As a textbook, this book includes hands-on assignments based on the Packet Tracer program, an excellent network design and simulation tool from Cisco. Instructor materials also are provided, including PowerPoint slides, solutions for exercise questions, and additional chapter questions from which to build tests.

Executives should not necessarily know the intricacies of project management, but they should know how project management, as a discipline, can benefit the organization in implementing its strategies and realizing its vision. The only way that executives can effectively apply project management to realize these goals is to have sound knowledge of the project management discipline. The purpose of this book is to provide executives with a comprehensive overview of the discipline of project management. It focuses on the benefits of project management to an organization. The goal is to provide executives with a view as to how project management can deliver organizational strategies. The various chapters focus on specific aspects within the project management discipline and how each aspect should be managed from a business perspective. The book covers the entire spectrum of project management from a management and leadership perspective. The focus is not necessarily on what needs to be done from a project management perspective, but on what organizations and senior executives can do to facilitate projects. The book covers: The value of project management Project management as a strategic enabler Project, program, and portfolio management The role of the project management office in the successful delivery of projects, programs, and portfolios The benefits of project deliverables bring Sustainability of the organization Governance and the role of the project sponsor. The book concludes with a comprehensive portfolio, program, and project management framework. This holistic framework enables organizations to achieve value from project management and realize strategic goals.

Inclusive Radio Communication Networks for 5G and Beyond is based on the COST IRACON project that consists of 500 researchers from academia and industry, with 120 institutions from Europe, US and the Far East involved. The book presents state-of-the-art design and analysis methods for 5G (and beyond) radio communication networks, along with key challenges and issues related to the development of 5G networks. This book is Open Access and was funded by: CNIT - Consorzio Nazionale Interuniversitario per le Telecomunicazioni European Association for Communications and Networking (EURACON), AISBL

This book offers a practical insight to leaders who need to make good decisions in risky and important situations. The authors describe a process for making risk-intelligent decisions, explaining complex ideas simply, and mapping a route through the myriad interrelated influences when groups make decisions that matter. The approach puts the decision maker-you-at the center and explains how you can think and act differently to make better decisions more of the time. The book shows how to Determine the appropriate level of risk Make decisions in uncertain and turbulent conditions Understand how risks are perceived to identify them accurately Develop new behaviors to improve decision-making Making Risky and Important Decisions: A Leader's Guide builds on earlier ground-breaking publications from these two recognized thought leaders. Their first book together, Understanding and Managing Risk Attitude, brought together the language of risk and risk-taking with the language of emotional intelligence and emotional literacy. Managing Group Risk Attitude followed, and focused on decision-making groups, creating new insights and frameworks. Both books are positioned as specialist textbooks, despite their relevance to real-world situations. A Short Guide to Risk Appetite brought together the concepts of risk appetite and risk attitude into one place for the first time, cutting through confusing terminology and confused thinking to create a practical way of understanding "how much risk is too much risk." This latest installment from Ruth Murray-Webster and David Hillson takes the breadth of their previous work, adds new insights and thinking, and distills it into a highly usable guide for hard-pressed leaders.

The complex challenges facing healthcare require innovative solutions that can make patient care more effective, easily available, and affordable. One such solution is the digital reconstruction of medicine that transitions much of patient care from hospitals, clinics, and offices to a variety of virtual settings. This reconstruction involves telemedicine, hospital-at-home services, mobile apps, remote sensing devices, clinical data analytics, and other cutting-edge technologies. The Digital Reconstruction of Healthcare: Transitioning from Brick and Mortar to Virtual Care takes a deep dive into these tools and how they can transform medicine to meet the unique needs of patients across the globe. This book enables readers to peer into the very near future and prepare them for the opportunities afforded by the digital shift in healthcare. It is also a wake-up call to readers who are less than enthusiastic about these digital tools and helps them to realize the cost of ignoring these tools. It is written for a wide range of medical professionals including: Physicians, nurses, and entrepreneurs who want to understand how to use or develop digital products and services IT managers who need to fold these tools into existing computer networks at hospitals, clinics, and medical offices Healthcare executives who decide how to invest in these platforms and products Insurers who need to stay current on the latest trends and the evidence to support their cost effectiveness Filled with insights from international experts, this book also features Dr. John Halamka's lessons learned from years of international consulting with government officials on digital health. It also taps into senior research analyst Paul Cerrato's expertise in AI, data analytics, and machine learning. Combining these lessons learned with an in-depth analysis of clinical informatics research, this book aims to separate hyped AI "solutions" from evidence-based digital tools. Together, these two pillars support the contention that these technologies can, in fact, help solve many of the seemingly intractable problems facing healthcare providers and patients.

"The AntiPatterns authors have clearly been there and done that when it comes to managing software development efforts. I resonated with one insight after another, having witnessed too many wayward projects myself. The experience in this book is palpable." —John Vlissides, IBM Research "This book allows managers, architects, and developers to learn from the painful mistakes of others. The high-level AntiPatterns on software architecture are a particularly valuable contribution to software engineering. Highly recommended!" —Kyle Brown Author of The Design Patterns Smalltalk Companion "AntiPatterns continues the trend started in Design Patterns. The authors have discovered and named common problem situations resulting from poor management or architecture control, mistakes which most experienced practitioners will recognize. Should you find yourself with one of the AntiPatterns, they even provide some clues on how to get yourself out of the situation." —Gerard Meszaros, Chief Architect, Object Systems Group Are you headed into the software development mine field? Follow someone if you can, but if you’re on your own—better get the map! AntiPatterns is the map. This book helps you navigate through today’s dangerous software development projects. Just look at the statistics:

• Nearly one-third of all software projects are cancelled.
• Two-thirds of all software projects encounter cost overruns in excess of 200%.
• Over 80% of all software projects are deemed failures.

While patterns help you to identify and implement procedures, designs, and codes that work, AntiPatterns do the exact opposite; they let you zero-in on the development detonators, architectural tripwires, and personality booby traps that can spell doom for your project. Written by an all-star team of object-oriented systems developers, AntiPatterns identifies 40 of the most common AntiPatterns in the areas of software development, architecture, and project management. The authors then show you how to detect and defuse AntiPatterns as well as supply refactored solutions for each AntiPattern presented.

You did it. You successfully transformed your application into a microservices architecture. But now that you're running services across different environments-public to public, private to public, virtual machine to container-your cloud native software is beginning to encounter reliability issues. How do you stay on top of this ever-increasing complexity? With the Istio service mesh, you'll be able to manage traffic, control access, monitor, report, get telemetry data, manage quota, trace, and more with resilience across your microservice. In this book, Lee Calcote and Zack Butcher explain why your services need a service mesh and demonstrate step-by-step how Istio fits into the life cycle of a distributed application. You'll learn about the tools and APIs for enabling and managing many of the features found in Istio. Explore the observability challenges Istio addresses Use request routing, traffic shifting, fault injection, and other features essential to running a solid service mesh Generate and collect telemetry information Try different deployment patterns, including A/B, blue/green, and canary Get examples of how to develop and deploy real-world applications with Istio support

The new fifth edition of Information Technology Control and Audit has been significantly revised to include a comprehensive overview of the IT environment, including revolutionizing technologies, legislation, audit process, governance, strategy, and outsourcing, among others. This new edition also outlines common IT audit risks, procedures, and involvement associated with major IT audit areas. It further provides cases featuring practical IT audit scenarios, as well as sample documentation to design and perform actual IT audit work. Filled with up-to-date audit concepts, tools, techniques, and references for further reading, this revised edition promotes the mastery of concepts, as well as the effective implementation and assessment of IT controls by organizations and auditors. For instructors and lecturers there are an instructor's manual, sample syllabi and course schedules, PowerPoint lecture slides, and test questions. For students there are flashcards to test their knowledge of key terms and recommended further readings. Go to http://routledgetextbooks.com/textbooks/9781498752282/ for more information.

This book presents a biographical history of the field of systems thinking, by examining the life and work of thirty of its major thinkers. It discusses each thinker's key contributions, the way this contribution was expressed in practice and the relationship between their life and ideas. This discussion is supported by an extract from the thinker's own writing, to give a flavour of their work and to give readers a sense of which thinkers are most relevant to their own interests.

Software is important because it is used by a great many people in companies and institutions. This book presents engineering methods for designing and building software. Based on the author's experience in software engineering as a programmer in the defense and aerospace industries, this book explains how to ensure a software that is programmed operates according to its requirements. It also shows how to develop, operate, and maintain software engineering capabilities by instilling an engineering discipline to support programming, design, builds, and delivery to customers. This book helps software engineers to: Understand the basic concepts, standards, and requirements of software engineering. Select the appropriate programming and design techniques. Effectively use software engineering tools and applications. Create specifications to comply with the software standards and requirements. Utilize various methods and techniques to identify defects. Manage changes to standards and requirements. Besides providing a technical view, this book discusses the moral and ethical responsibility of software engineers to ensure that the software they design and program does not cause serious problems. Software engineers tend to be concerned with the technical elegance of their software products and tools, whereas customers tend to be concerned only with whether a software product meets their needs and is easy and ready to use. This book looks at these two sides of software development and the challenges they present for software engineering. A critical understanding of software engineering empowers developers to choose the right methods for achieving effective results. Effective Methods for Software Engineering guides software programmers and developers to develop this critical understanding that is so crucial in today's software-dependent society.

The healthcare industry is under privacy attack. The book discusses the issues from the healthcare organization and individual perspectives. Someone hacking into a medical device and changing it is life-threatening. Personal information is available on the black market. And there are increased medical costs, erroneous medical record data that could lead to wrong diagnoses, insurance companies or the government data-mining healthcare information to formulate a medical 'FICO' score that could lead to increased insurance costs or restrictions of insurance. Experts discuss these issues and provide solutions and recommendations so that we can change course before a Healthcare Armageddon occurs.

No enterprise today is proud of being unchanged. Stability is understood more as a sign of stagnation than reliability, and enterprises that do not change and do not evolve are commonly regarded as fossilized. Increasing globalization processes often force today's enterprises to make organizational changes, but the effectiveness of these processes relies on its organizational culture. This book argues that the problem behind organizational culture is its multilevel structure, including the visible and hidden levels. It addresses difficult questions, such as: Is it better to make thorough, but more painful changes, or to gradually introduce small improvements? It also demonstrates that organizational culture is not a fixed phenomenon: its shaping takes place in stages, and it is essential to take such stages into account in the process of implementing the strategy of an enterprise. Providing a comprehensive insight into "organizational culture" and its relationship to change, this book will be essential reading for professionals involved in business management and IT management throughout the world. Its analyses and suggestions will allow for improved organizational culture and change management in business environments.

Strategic intelligence (SI) has mostly been used in military settings, but its worth goes well beyond that limited role. It has become invaluable for improving any organization's strategic decision making process. The author of Strategic Intelligence: Business Intelligence, Competitive Intelligence, and Knowledge Management recognizes synergies among component pieces of strategic intelligence, and demonstrates how executives can best use this internal and external information toward making better decisions. Divided into two major parts, the book first discusses the convergence of knowledge management (KM), business intelligence (BI), and competitive intelligence (CI) into what the author defines as strategic intelligence. The second part of the volume describes case studies written by recognized experts in the fields of KM, BI, and CI. The case studies include strategic scenarios at Motorola, AARP, Northrop Grumman, and other market leaders. About the Editor Jay Liebowitz, D.Sc., is a full professor in the Graduate Division of Business and Management and program director for the Graduate Certificate in Competitive Intelligence at Johns Hopkins University. The first knowledge management officer at NASA Goddard Space Flight Center, he also served as the Robert W. Deutsch Distinguished Professor of Information Systems at the University of Maryland-Baltimore County, professor of Management Science at George Washington University, and Chaired Professor of Artificial Intelligence (AI) at the U.S. Army War College. A founder and chairperson of The World Congress on Expert Systems, he is a Fulbright Scholar, IEEE-USA Federal Communications Commission Executive Fellow, and Computer Educator of the Year (International Association for Computer Information Systems).

Hazard and operability studies (HAZOP) is perhaps the most powerful technique for the identification and analysis of hazards. But in many industries it is unknown, and where it is employed it often does not fulfil its potential because of incorrect use. This book describes HAZOP and explains its efficient and effective use. It is a structured text which first teaches HAZOP, step by step, and then provides additional information and guidance on particular problems and applications. It therefore provides a course for those who want to learn the technique and a reference source for practitioners. Not only have the authors employed, researched and taught the method, but they have also written a standard on its use. They are therefore the ideal advisers, not only for introducing newcomers to HAZOP, but also for guiding practitioners through its more advanced aspects. Key features of this book include:&UL; &LI; Detailed discussion and practical examples of the application of HAZOP to software-based systems;&LI; An explanation of the overall context of HAZOP in safety analysis;&LI; A method of applying HAZOP to the human components of systems.&/UL; System Safety - HAZOP and Software HAZOP is based on experience. It is an crucial teaching and reference text on a safety technique which is used in a wide range of industries, including military, process, rail and other transport, electricity generation, and medical. It explains HAZOP and its application to software-based systems for managers, engineers and safety personnel in all industries.

In today's technology-driven environment there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. The third edition has been updated to reflect changes in the IT security landscape and updates to the BCS Certification in Information Security Management Principles, which the book supports.

An extensively revised and expanded third edition of the successful textbook on analysis and visualization of social networks integrating theory, applications, and professional software for performing network analysis (Pajek). The main structural concepts and their applications in social research are introduced with exercises. Pajek software and datasets are available, so readers can learn network analysis through application and case studies. In the end readers will have the knowledge, skills, and tools to apply social network analysis across different disciplines. A fundamental redesign of the menu structure and the capability to analyze much larger networks required a new edition. This edition presents several new operations including community detection, generalized main paths searches, new network indices, advanced visualization approaches, and instructions for installing Pajek under MacOSX. This third edition is up-to-date with Pajek version 5 and it introduces PajekXXL for very large networks and Pajek3XL for huge networks.

Knowledge management (KM) is the identification and analysis of available and required knowledge, and the subsequent planning and control of actions, to develop "knowledge assets" that enable businesses to generate profits and improve their competitive positions. This volume provides the framework for the strategic use of the information intelligence processes - business intelligence, content management, and knowledge management. In nine detailed chapters, the author explains every facet of these three subjects, enabling you to understand these sophisticated business concepts within the framework of information technology. Knowledge Management, Business Intelligence, and Content Management: The IT Practitioner's Guide discusses creation, protection, development, sharing, and management of information and intellectual assets through the use of business intelligence and other knowledge sharing and analytical techniques. About the Author Jessica Keyes is president of New Art Technologies, Inc., a high-technology and management consultancy, and is also founding partner of Manhattan Technology Group. Often a keynote speaker on the topics of competitive strategy, productivity, and quality, she is a founding board of directors member of the New York Software Industry Association, and has recently completed a 2-year term on the Mayor of New York City's Small Business Advisory Council. A noted columnist and correspondent, Keyes is the author of 19 books, including Auerbach Publications' Software Engineering Handbook, Software Configuration Management, and Implementing the IT Balanced Scorecard.

Medical Services Professionals (MSPs) hold a unique place in the healthcare industry. Medical Staff leaders, practitioners and providers rely on MSPs to ensure qualitative regulatory compliance, performance improvement, accreditation, credentialing and governance for physicians, practitioners, and other healthcare providers. MSPs ensure the design, implementation, and maintenance of current industry practices to promote quality patient care. Their roles are rapidly changing due to competition, increased government influence, and vast changes in technology that demand for service delivery improvements worldwide. The successful MSP will require a formal professional development plan, comprised of skills and knowledge for both personal and career choices as the industry moves into the future. This book is presented in an easy to read format and contains a series of building blocks, "points" to navigate career progression logically. Each point highlights solutions for MSPs to test and apply with real-life stories interspersed to illustrate points. This book contains a helpful glossary, sample job descriptions, and terms specific to the MSP.

Following in the footsteps of its bestselling predecessor, The Practical Guide to HIPAA Privacy and Security Compliance, Second Edition is a one-stop, up-to-date resource on Health Insurance Portability and Accountability Act (HIPAA) privacy and security, including details on the HITECH Act, the 2013 Omnibus Rule, and the pending rules. Updated and revised with several new sections, this edition defines what HIPAA is, what it requires, and what you need to do to achieve compliance. The book provides an easy-to-understand overview of HIPAA privacy and security rules and compliance tasks. Supplying authoritative insights into real-world HIPAA privacy and security issues, it summarizes the analysis, training, and technology needed to properly plan and implement privacy and security policies, training, and an overall program to manage information risks. Instead of focusing on technical jargon, the book spells out what your organization must do to achieve and maintain compliance requirements on an ongoing basis.

Although there are countless books on statistics, few are dedicated to the application of statistical methods to software engineering. Simple Statistical Methods for Software Engineering: Data and Patterns fills that void. Instead of delving into overly complex statistics, the book details simpler solutions that are just as effective and connect with the intuition of problem solvers. Sharing valuable insights into software engineering problems and solutions, the book not only explains the required statistical methods, but also provides many examples, review questions, and case studies that provide the understanding required to apply those methods to real-world problems. After reading this book, practitioners will possess the confidence and understanding to solve day-to-day problems in quality, measurement, performance, and benchmarking. By following the examples and case studies, students will be better prepared able to achieve seamless transition from academic study to industry practices. Includes boxed stories, case studies, and illustrations that demonstrate the nuances behind proper application Supplies historical anecdotes and traces statistical methods to inventors and gurus Applies basic statistical laws in their simplest forms to resolve engineering problems Provides simple techniques for addressing the issues software engineers face The book starts off by reviewing the essential facts about data. Next, it supplies a detailed review and summary of metrics, including development, maintenance, test, and agile metrics. The third section covers the fundamental laws of probability and statistics and the final section presents special data patterns in the form of tailed mathematical distributions. In addition to selecting simpler and more flexible tools, the authors have also simplified several standard techniques to provide you with the set of intellectual tools al

One of the most difficult, yet important, questions regarding projects is "What advantages will this project create for the investors and key stakeholders?" Projects and programs should be treated as investments. This means that the focus of projects shifts from delivering within the triple constraints (time-cost-quality) towards some of the more fundamental questions: What is the purpose of this investment? What are the specific advantages expected? Are these benefits worth the investment? Implementing Project and Program Benefit Management is written for executives and practitioners within the portfolio, program, and project environment. It guides them through the important work that must be addressed as the investment progresses towards the realization of benefits. The processes discussed cover the strategic elements of benefits realization as well as the more detailed requirements, which are the domain of the program delivery teams and the operational users. Using real cases to explain complex situations, operational teams and wider groups of stakeholders, including communities affected by infrastructure projects, will be able to engage in the conversation with the sponsors and delivery teams. Covering an area of program and project management that is rapidly becoming more widely valued, this book blends theory with practical experience to present a clear process flow to managing the benefits life cycle. Best practices are defined, and pitfalls and traps are identified to enable practitioners to apply rigor and structure to this crucial discipline.

This book presents a framework to model the main activities of information security management and governance. The same model can be used for any security sub-domain such as cybersecurity, data protection, access rights management, business continuity, etc.