Information Security Risk Analysis (Hardcover, 3rd Edition)

Successful security professionals have had to modify the process of responding to new threats in the high-profile, ultra-connected business environment. But just because a threat exists does not mean that your organization is at risk. This is what risk assessment is all about. Information Security Risk Analysis, Third Edition demonstrates how to identify threats your company faces and then determine if those threats pose a real risk to your organization.

Providing access to more than 350 pages of helpful ancillary materials, this volume:

Presents and explains the key components of risk management

Demonstrates how the components of risk management are absolutely necessary and work in your organization and business situation

Shows how a cost-benefit analysis is part of risk management and how this analysis is performed as part of risk mitigation

Explains how to draw up an action plan to protect the assets of your organization when the risk assessment process concludes

Examines the difference between a Gap Analysis and a Security or Controls Assessment

Presents case studies and examples of all risk management components

Authored by renowned security expert and certification instructor, Thomas Peltier, this authoritative reference provides you with the knowledge and the skill-set needed to achieve a highly effective risk analysis assessment in a matter of days. Supplemented with user-friendly checklists, forms, questionnaires, sample assessments, and other documents, this work is truly a one-stop, how-to resource for industry and academia professionals.

Table of Contents

INTRODUCTION

Frequently Asked Questions

Conclusion

RISK MANAGEMENT

Overview

Risk Management as Part of the Business Process

Employee Roles and Responsibilities

Information Security Life Cycle

Risk Analysis Process

Risk Assessment

Cost-Benefit Analysis

Risk Mitigation

Final Thoughts

RISK ASSESSMENT PROCESS

Introduction

Risk Assessment Process

Information Is an Asset

Risk Assessment Methodology

Final Thoughts

QUANTITATIVE VERSUS QUALITATIVE RISK ASSESSMENT

Introduction

Quantitative and Qualitative Pros and Cons

Qualitative Risk Assessment Basics

Qualitative Risk Assessment Using Tables

The 30-Minute Risk Assessment

Conclusion

OTHER FORMS OF QUALITATIVE RISK ASSESSMENT

Introduction

Hazard Impact Analysis

Questionnaires

Single Time Loss Algorithm

Conclusion

FACILITATED RISK ANALYSIS AND ASSESSMENT PROCESS (FRAAP)

Introduction

FRAAP Overview

Why The FRAAP Was Created

Introducing the FRAAP to Your Organization

Conclusion

VARIATIONS ON THE FRAAP

Overview

Infrastructure FRAAP

Conclusion

MAPPING CONTROLS

Controls Overview

Creating Your Controls List

Control List Examples

BUSINESS IMPACT ANALYSIS (BIA)

Overview

Creating a BIA Process

CONCLUSION

Appendix A: Sample Risk Assessment Management Summary Report

Appendix B: Terms and Definitions

Appendix C: Bibliography

General

Imprint:	Taylor & Francis
Country of origin:	United States
Release date:	March 2010
First published:	March 2010
Authors:	Thomas R. Peltier
Dimensions:	234 x 156 x 20mm (L x W x T)
Format:	Hardcover
Pages:	456
Edition:	3rd Edition
ISBN-13:	978-1-4398-3956-0
Categories:	Books > Computing & IT > Computer communications & networking > Network security Promotions
LSN:	1-4398-3956-5
Barcode:	9781439839560

Is the information for this product incomplete, wrong or inappropriate? Let us know about it.

Does this product have an incorrect or missing image? Send us a new image.

Is this product missing categories? Add more categories.

Review This Product

No reviews yet - be the first to create one!