1 option
Information security management principles / Andy Taylor (editor), David Alexander, Amanda Finch, David Sutton.
- Format:
- Book
- Author/Creator:
- Alexander, David.
- Language:
- English
- Subjects (All):
- Computer security--Management.
- Computer security.
- Data protection.
- Physical Description:
- 1 online resource (227 p.)
- Edition:
- 2nd ed.
- Place of Publication:
- Swindon, U.K. : BCS Learning & Development Ltd., 2013.
- Language Note:
- English
- System Details:
- text file
- Summary:
- In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources.
- Contents:
- Copyright; CONTENTS; LIST OF FIGURES AND TABLES; AUTHORS; ACKNOWLEDGEMENTS; ABBREVIATIONS; PREFACE; 1 INFORMATION SECURITY PRINCIPLES; CONCEPTS AND DEFINITIONS; THE NEED FOR, AND BENEFITS OF, INFORMATION SECURITY; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 2 INFORMATION RISK; THREATS TO, AND VULNERABILITIES OF, INFORMATION SYSTEMS; RISK MANAGEMENT; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 3 INFORMATION SECURITY FRAMEWORK; ORGANISATIONS AND RESPONSIBILITIES; ORGANISATIONAL POLICY, STANDARDS AND PROCEDURES; INFORMATION SECURITY GOVERNANCE; INFORMATION SECURITY IMPLEMENTATION
- SECURITY INCIDENT MANAGEMENTLEGAL FRAMEWORK; SECURITY STANDARDS AND PROCEDURES; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 4 PROCEDURAL AND PEOPLE SECURITY CONTROLS; PEOPLE; USER ACCESS CONTROLS; TRAINING AND AWARENESS; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 5 TECHNICAL SECURITY CONTROLS; PROTECTION FROM MALICIOUS SOFTWARE; NETWORKS AND COMMUNICATIONS; EXTERNAL SERVICES; CLOUD COMPUTING; IT INFRASTRUCTURE; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 6 SOFTWARE DEVELOPMENT AND LIFE CYCLE; TESTING, AUDIT AND REVIEW; SYSTEMS DEVELOPMENT AND SUPPORT; POINTERS FOR ACTIVITIES IN THIS CHAPTER
- 7 PHYSICAL AND ENVIRONMENTAL SECURITYLEARNING OUTCOMES; GENERAL CONTROLS; PHYSICAL SECURITY; TECHNICAL SECURITY; PROCEDURAL SECURITY; PROTECTION OF EQUIPMENT; PROCESSES TO HANDLE INTRUDER ALERTS; CLEAR SCREEN AND DESK POLICY; MOVING PROPERTY ON AND OFF SITE; PROCEDURES FOR SECURE DISPOSAL; SECURITY REQUIREMENTS IN DELIVERY AND LOADING AREAS; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 8 DISASTER RECOVERY AND BUSINESS CONTINUITY MANAGEMENT; LEARNING OUTCOMES; DR/BCP, RISK ASSESSMENT AND IMPACT ANALYSIS; WRITING AND IMPLEMENTING PLANS; DOCUMENTATION, MAINTENANCE AND TESTING
- LINKS TO MANAGED SERVICE PROVISION AND OUTSOURCINGSECURE OFF-SITE STORAGE OF VITAL MATERIAL; INVOLVEMENT OF PERSONNEL, SUPPLIERS AND IT SYSTEMS PROVIDERS; SECURITY INCIDENT MANAGEMENT; COMPLIANCE WITH STANDARDS; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; 9 OTHER TECHNICAL ASPECTS; INVESTIGATIONS AND FORENSICS; ROLE OF CRYPTOGRAPHY; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; APPENDIX A; GLOSSARY; INDEX; Back Cover
- Notes:
- Description based upon print version of record.
- Includes bibliographical references and index.
- ISBN:
- 9781628702590
- 1628702591
- 9781780171760
- 1780171765
- OCLC:
- 851971957
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.