Information Security Management Principles - Second edition
Scribed by Alexander, David; Finch, Amanda; Sutton, David; Taylor, Andy
- Publisher: BCS Learning & Development Ltd
- Year: 2013
- Tongue: English
- Leaves: 208
- Edition: Updated
- Category: Library
Synopsis
Commercial, personal and sensitive information is very hard to keep secure, and technological solutions are not the only answer. In today's technology-driven environment, there is an ever-increasing demand for information delivery on various devices in the office, at home and in public places. A compromise has to be struck between security of information and its availability. This book provides significant first steps along the path of dealing with information assurance in a realistic and comprehensive manner. The second edition has been expanded to include the security of cloud-based resources. The remainder of the contents have been reviewed and reordered to reflect the changes to the BCS Certification in Information Security Management Principles which the book supports.
Table of Contents
COPYRIGHT
CONTENTS
LIST OF FIGURES AND TABLES
AUTHORS
ACKNOWLEDGEMENTS
ABBREVIATIONS
PREFACE
1 INFORMATION SECURITY PRINCIPLES
CONCEPTS AND DEFINITIONS
THE NEED FOR, AND BENEFITS OF, INFORMATION SECURITY
POINTERS FOR ACTIVITIES IN THIS CHAPTER
2 INFORMATION RISK
THREATS TO, AND VULNERABILITIES OF, INFORMATION SYSTEMS
RISK MANAGEMENT
POINTERS FOR ACTIVITIES IN THIS CHAPTER
3 INFORMATION SECURITY FRAMEWORK
ORGANISATIONS AND RESPONSIBILITIES
ORGANISATIONAL POLICY, STANDARDS AND PROCEDURES
INFORMATION SECURITY GOVERNANCE
INFORMATION SECURITY IMPLEMENTATION
SECURITY INCIDENT MANAGEMENT
LEGAL FRAMEWORK
SECURITY STANDARDS AND PROCEDURES
POINTERS FOR ACTIVITIES IN THIS CHAPTER
4 PROCEDURAL AND PEOPLE SECURITY CONTROLS
PEOPLE
USER ACCESS CONTROLS
TRAINING AND AWARENESS
POINTERS FOR ACTIVITIES IN THIS CHAPTER
5 TECHNICAL SECURITY CONTROLS
PROTECTION FROM MALICIOUS SOFTWARE
NETWORKS AND COMMUNICATIONS
EXTERNAL SERVICES
CLOUD COMPUTING
IT INFRASTRUCTURE
POINTERS FOR ACTIVITIES IN THIS CHAPTER
6 SOFTWARE DEVELOPMENT AND LIFE CYCLE
TESTING, AUDIT AND REVIEW
SYSTEMS DEVELOPMENT AND SUPPORT
POINTERS FOR ACTIVITIES IN THIS CHAPTER
7 PHYSICAL AND ENVIRONMENTAL SECURITY
LEARNING OUTCOMES
GENERAL CONTROLS
PHYSICAL SECURITY
TECHNICAL SECURITY
PROCEDURAL SECURITY
PROTECTION OF EQUIPMENT
PROCESSES TO HANDLE INTRUDER ALERTS
CLEAR SCREEN AND DESK POLICY
MOVING PROPERTY ON AND OFF SITE
PROCEDURES FOR SECURE DISPOSAL
SECURITY REQUIREMENTS IN DELIVERY AND LOADING AREAS
POINTERS FOR ACTIVITIES IN THIS CHAPTER
8 DISASTER RECOVERY AND BUSINESS CONTINUITY MANAGEMENT
LEARNING OUTCOMES
DR/BCP, RISK ASSESSMENT AND IMPACT ANALYSIS
WRITING AND IMPLEMENTING PLANS
DOCUMENTATION, MAINTENANCE AND TESTING
LINKS TO MANAGED SERVICE PROVISION AND OUTSOURCING
SECURE OFF-SITE STORAGE OF VITAL MATERIAL
INVOLVEMENT OF PERSONNEL, SUPPLIERS AND IT SYSTEMS PROVIDERS
SECURITY INCIDENT MANAGEMENT
COMPLIANCE WITH STANDARDS
POINTERS FOR THE ACTIVITY IN THIS CHAPTER
9 OTHER TECHNICAL ASPECTS
INVESTIGATIONS AND FORENSICS
ROLE OF CRYPTOGRAPHY
POINTERS FOR THE ACTIVITY IN THIS CHAPTER
APPENDIX A
GLOSSARY
INDEX
BACK COVER
SIMILAR VOLUMES
Managing Information Security offers focused coverage of how to protect mission critical systems, and how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vu
Now updated - your expert guide to twenty-first century information security. Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentialit
In today's technology-driven environment there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. The third edition has
Up-to-date practice questions that cover every topic on the 2022 version of the CISM exam. Take the current version of the challenging CISM exam with complete confidence using the detailed information contained in this fully updated self-study guide. Written by an expert in the field, the boo
ESSENTIALS OF HEALTH INFORMATION MANAGEMENT, Second Edition is the ideal book for first-semester students but can also be a useful resource for various health care organizations and medical offices. ESSENTIALS OF HEALTH INFORMATION MANAGEMENT is a comprehensive book that presents readers with both t