Download the Free Fishpond App!
Download on the App Store

Android App on Google play

Already own it?

Sell Yours
Home » Books » Computers » Networking » Security

Managing Information Risk

A Director's Guide

By Stewart Mitchell

Elsewhere $42.95 $23.68   Save $19.27 (45%)
Free shipping Australia wide
Ships from UK
Order Now for Christmas with e-Gift
Rating:
 
Register or sign-in to rate and get recommendations.
Format: Paperback, 74 pages
Published In: United Kingdom, 28 July 2009
Information risk is endemic in any modern organisation. From the potential for losing sensitive information to a full-system crash that incapacitates the company, the consequences can be disastrous. Yet more than half of all companies have no formal risk management practices in place, meaning they are unable to be sure their systems are secure, reliable or resilient. This pocket guide addresses the scope of risks involved in a modern IT system, and outlines strategies for working through the process of putting risk management at the heart of your corporate culture. Given that no two companies are the same, this pocket guide should not be taken as a step-by-step guide, but should provide decision makers with a solid overview of the factors they need to consider and a framework for implementing a regime that suits their needs. It provides a checklist of steps that companies need to take to safeguard against various threats, highlights potential vulnerabilities and lists methodologies for mitigating against the risks. This pocket guide draws on previous works by senior security advisory bodies - in particular the US National Institute of Standards and Technology, which has produced numerous landmark 'Special Publications' on the subject, and various UK government guidelines drawn up in the wake of high-profile data breaches. UK governmental and industry white papers were also consulted during research, including interviews with security analysts and board-level risk management practitioners.

Table of Contents

Introduction 1 Chapter 1: Managing Risk 5 Reduce/Mitigate/Control 6 Transferring risk 7 Avoid 8 Accept 9 Chapter 2: Information Risk Policy 11 Chapter 3: The Risks 13 Accidental disclosure 13 Theft of hardware or data 14 Acts of nature 14 Alteration of software 14 Redundant media 15 System configuration error 15 Suppliers and partners 15 Critical information is wrongly destroyed 16 Poor data input 16 Critical information is lost 16 Wasted assets 16 Failure to make information available 17 Chapter 4: Risk Management Framework 19 Chapter 5: Risk Assessment 23 System characterisation 23 Identify threats 24 Identify vulnerabilities 26 Control analysis 27 Likelihood determination 27 Impact analysis 28 Risk determination 29 Control recommendations 29 Documentation 30 Chapter 6: Risk Mitigation Strategy 31 Seven-stage plan 32 Chapter 7: Controls 35 Chapter 8: Interacting with Partners and Suppliers 37 Chapter 9: Standards 41 Appendix 1: Checklist for Directors 43 Appendix 2: Establishing an Information Risk Tsar 47 Further Reading 49 ITG Resources 51

About the Author

Stewart Mitchell has been an IT journalist for more than 10 years, working across a number of publications including The Sunday Times and specialist magazines such as PC Pro, Computer Shopper and PC Advisor. He has run his own internet-based business for the last four years and regularly meets with IT business leaders. Recent work has focused on the work of security professionals and the challenges they face in an ever-evolving digital world. Stewart's other best-selling pocket guides for IT Governance include Managing IT in a Downturn and How to Survive a Data Breach.

EAN: 9781849280181
ISBN: 1849280185
Publisher: IT Governance Publishing
Dimensions: 16.5 x 9.5 x 0.5 centimetres (0.06 kg)
Age Range: 15+ years
Tell a friend

Their Email:

Sell Yours

Already own this item?
Sell Yours and earn some cash. It's fast and free to list! (Learn More.)

Review this Product

BAD GOOD
 

Related Searches

 

Webmasters, Bloggers & Website Owners

You can earn a 5% commission by selling Managing Information Risk: A Director's Guide on your website. It's easy to get started - we will give you example code. After you're set-up, your website can earn you money while you work, play or even sleep!

 

Authors/Publishers

Are you the Author/Publisher? Improve sales by submitting additional information on this title.

 

This item ships from and is sold by Fishpond World Ltd.