Information risk management : a practitioner's guide /David Sutton.

By:

Sutton, David (Information security practitioner) [author.]

Material type: Text

TextPublisher: Swindon, UK : BCS Learning & Development Ltd, a wholly owned subsidiary of BCS The Chartered Institute for IT, [2014]Copyright date: c2014Description: xxxi, 210 p.; illustrations 24cmContent type:

text

Media type:

computer

Carrier type:

online resource

ISBN:

9781780172668
9781780172675
9781780172682

Subject(s):

Genre/Form:

Electronic books.

DDC classification:

004.0684 23

LOC classification:

T 58.64 S81

Online resources:

Click here for the electronic version.

Summary: This book provides a practical guide to implementing an information risk management process. The author takes you logically through the steps required to identify, assess and manage information risks within an organisation. Each step is explained clearly, supported by several generic examples, such as examples of threats and vulnerabilities, as well as the types of controls to treat risk. Ways of presenting the risks, as well as supporting business cases, are also discussed. Other topics include: coverage of the CESG scheme, HMG security-related documents, such as the security policy framework and UK Government security classification scheme, typical threats and hazards, typical vulnerabilities, risk controls, methodologies and tools, and templates. There are references throughout to any appropriate standards, such as ISO27001 and ISO27005. -- Edited summary from book.

Tags from this library: No tags from this library for this title. Log in to add tags.

Average rating: 0.0 (0 votes)

Holdings
Item type	Current library	Call number	Status	Date due	Barcode
Books	Faculty of Education General Stacks	T 58.64 S81 (Browse shelf(Opens below))	Available		FOE-00690

Browsing Faculty of Education shelves, Shelving location: General Stacks Close shelf browser (Hides shelf browser)

Previous						No cover image available		Next
Previous	T 58.5 C51 Essential Elements of Business Information Systems	T 58.5 E21 The Edited Proceedings of the European Seminar:	T 58.64 A71 Assessing the impact of information and communication Management on	T 58.64 S81 Information risk management :	T 173.3.G4 A91 Science Technology and Society:	T 173.8 C51 Conceptual and Appropriate Industrial Technology	T 173.8 D51 Enabling Innovation:	Next

Includes bibliographical references and index.

This book provides a practical guide to implementing an information risk management process. The author takes you logically through the steps required to identify, assess and manage information risks within an organisation. Each step is explained clearly, supported by several generic examples, such as examples of threats and vulnerabilities, as well as the types of controls to treat risk. Ways of presenting the risks, as well as supporting business cases, are also discussed. Other topics include: coverage of the CESG scheme, HMG security-related documents, such as the security policy framework and UK Government security classification scheme, typical threats and hazards, typical vulnerabilities, risk controls, methodologies and tools, and templates. There are references throughout to any appropriate standards, such as ISO27001 and ISO27005. -- Edited summary from book.

Online resource; title from title screen (Books24x7.com, viewed June 26, 2015).

There are no comments on this title.

to post a comment.

Search UDS Library Collections

Information risk management : a practitioner's guide /David Sutton.

Browsing Faculty of Education shelves, Shelving location: General Stacks Close shelf browser (Hides shelf browser)