登入
選單
返回
Google圖書搜尋
Information Risk Management
David Sutton
其他書名
A Practitioner's Guide
出版
BCS Learning & Development Limited, a wholly owned subsidiary of BCS The Chartered Institute for IT
, 2014
主題
Business & Economics / Decision-Making & Problem Solving
Business & Economics / Industries / Computers & Information Technology
Business & Economics / Information Management
Computers / General
Computers / Management Information Systems
Computers / Security / General
ISBN
1780172680
9781780172682
URL
http://books.google.com.hk/books?id=KpbTnQAACAAJ&hl=&source=gbs_api
註釋
This book provides a practical guide to implementing an information risk management process. The author takes you logically through the steps required to identify, assess and manage information risks within an organisation. Each step is explained clearly, supported by several generic examples, such as examples of threats and vulnerabilities, as well as the types of controls to treat risk. Ways of presenting the risks, as well as supporting business cases, are also discussed. Other topics include: coverage of the CESG scheme, HMG security-related documents, such as the security policy framework and UK Government security classification scheme, typical threats and hazards, typical vulnerabilities, risk controls, methodologies and tools, and templates. There are references throughout to any appropriate standards, such as ISO27001 and ISO27005. --
