|Other Retailer||Price Checked Time||Their Price in AUD||Our Price|
|Book Depository US||yesterday||53.08||$48.20||You save $4.88|
Preface Definitions, Standards and Glossary of Terms 1. The need for information risk management 2. Review of information security fundamentals 3. The information risk management programme 4. Risk identification 5. Threat and vulnerability assessment 6. Risk analysis and risk evaluation 7. Risk treatment 8. Risk reporting and presentation 9. Communication, consultation, monitoring and review 10. The CESG IA Certification scheme 11. HMG Security-related documents 12. Appendix A - Taxonomies and descriptions 13. Appendix B - Typical threats and hazards 14. Appendix C - Typical vulnerabilities 15. Appendix D - Information Risk Controls 16. Appendix E - Methodologies, guidelines and tools 17. Appendix F - Templates 18. Appendix G - HMG cyber security guidelines 19. References and further reading
David Sutton's career in IT spans nearly 50 years and includes voice and data networking, information security and critical information infrastructure protection. He delivers an annual lecture on business continuity at Royal Holloway University of London from where he holds an MSc in Information Security. He is also a co-author of Information Security Management Principles (2nd edition).
Anyone wishing to become an InfoSec risk management practitioner MUST purchase this book. David has produced an extremely useful and readable book for those entering this discipline and indeed those practitioners wishing to have an invaluable reference resource sitting on their bookshelf. I highly recommended it. -- John Hughes * Director, SecID Consultants * Information is the 21st century's new gold and protecting such a volatile asset is a tremendous challenge. This book provides many keys to understanding important concepts and possible approaches for mitigating the associated risks. -- Lionel Dupre * Networks and Information Security Expert at ENISA * This book is a well written and illustrated throughout, covering the subject area to a sufficient level of detail for both novices and experienced practitioners requiring a refresher. A very practical and complete guide to managing risks within an organisation. -- Mehmet Hurer