Description
Security Risk Management is the definitive guide for building or running an information security risk management program. This book teaches practical techniques with a purpose to be used every day, Even as also explaining the fundamentals so students have in mind the rationale at the back of these practices. It explains how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. Even as other books focus entirely on risk analysis methods, this is the first comprehensive text for managing security risks.
This book will mean you can to break free from the so-known as best practices argument by articulating risk exposures in business terms. It includes case studies to provide hands-on experience the usage of risk assessment tools to calculate the costs and benefits of any security investment. It explores each phase of the risk management lifecycle, specializing in policies and assessment processes that are meant to be used to properly assess and mitigate risk. It also presents a roadmap for designing and implementing a security risk management program.
This book will be a valuable resource for CISOs, security managers, IT managers, security consultants, IT auditors, security analysts, and students enrolled in information security/assurance college programs.
- Named a 2011 Best Governance and ISMS Book by InfoSec Reviews
- Includes case studies to provide hands-on experience the usage of risk assessment tools to calculate the costs and benefits of any security investment
- Explores each phase of the risk management lifecycle, specializing in policies and assessment processes that are meant to be used to properly assess and mitigate risk
- Presents a roadmap for designing and implementing a security risk management program