Security Risk Management: Building an Information Security Risk Management Program from the Ground Up (Paperback)

Evan Wheeler

  • 出版商: Syngress Media
  • 出版日期: 2011-05-17
  • 定價: $1,650
  • 售價: 8.5$1,403
  • 語言: 英文
  • 頁數: 360
  • 裝訂: Paperback
  • ISBN: 1597496154
  • ISBN-13: 9781597496155
  • 相關分類: 資訊安全
  • 立即出貨 (庫存 < 3)

買這商品的人也買了...

商品描述

The goal of Security Risk Management is to teach you practical techniques that will be used on a daily basis, while also explaining the fundamentals so you understand the rationale behind these practices. Security professionals often fall into the trap of telling the business that they need to fix something, but they can't explain why. This book will help you to break free from the so-called "best practices" argument by articulating risk exposures in business terms. You will learn techniques for how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive guide for managing security risks.

  • Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment
  • Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk
  • Presents a roadmap for designing and implementing a security risk management program

商品描述(中文翻譯)

《安全風險管理》的目標是教授您實用的技巧,這些技巧將在日常工作中使用,同時解釋基本原理,讓您理解這些實踐背後的原因。安全專業人員常常陷入告訴企業需要修復某些問題的陷阱中,但卻無法解釋為什麼。本書將幫助您擺脫所謂的「最佳實踐」論點,通過以商業術語表達風險暴露,使您能夠清楚地傳達給高層管理人員。您將學習如何為新的IT項目進行風險評估的技巧,如何高效管理日常風險活動,以及如何對當前風險水平進行資格評估,以供高層管理人員演示。儘管其他書籍完全專注於風險分析方法,但這是第一本全面指南,用於管理安全風險。

本書包含案例研究,以提供使用風險評估工具計算任何安全投資成本和效益的實踐經驗。

本書探討了風險管理生命周期的每個階段,重點關注應該用於正確評估和減輕風險的政策和評估流程。

本書還提供了設計和實施安全風險管理計劃的路線圖。