Information Security Management
ISBN-13:
9781420078541
Veröffentl:
2010
Erscheinungsdatum:
29.01.2010
Seiten:
868
Autor:
Bel G. Raggad
Gewicht:
1446 g
Format:
241x155x44 mm
Sprache:
Deutsch
Beschreibung:
An authoritative and practical classroom resource, Information Security Management: Concepts and Practice provides a general overview of security auditing before examining the various elements of the information security life cycle. It explains the ISO 17799 standard and walks readers through the steps for conducting a nominal security audit that conforms to the standard. The text also provides detailed guidance for conducting an in-depth technical security audit leading to certification against the 27001 standard. Topics addressed include cyber security, security risk assessments, privacy rights, HIPAA, SOX, intrusion detection systems, security testing activities, cyber terrorism, and vulnerability assessments.
Information security cannot be effectively managed unless secure methods and standards are integrated into all phases of the information security life cycle. This title provides an overview of security auditing and examines the various elements of the information security life cycle.
INTRODUCTION. Introduction to Information Security Management. Introduction to Management Concepts. The Information Security Life Cycle. SECURITY PLAN. Security Plan. Security Policy. Business Continuity Planning. SECURITY ANALYSIS. Security Risk Management. Continual Security: Integrated Fault-Event Analysis and Response Framework (IFEAR). Active Security Assessment. System Availability. SECURITY DESIGN. Nominal Security Enhancement Design Based on ISO/IEC 27002. Technical Security Enhancement Based on ISO/IEC 27001. SECURITY IMPLEMENTATION. Security Solutions. The Common Criteria. SECURITY REVIEW. Security Review through Security Audit. Privacy Rights, Information Technology, and HIPAA. CONTINUAL SECURITY. The Sarbanes-Oxley Act and IT Compliance. Cyberterrorism and Homeland Security. INDEX.