Vous voulez voir cette page en français ? Cliquez ici.


or
Sign in to turn on 1-Click ordering.
More Buying Choices
Have one to sell? Sell yours here
Information Security Governance
 
 
Share your own customer images
Search inside this book

Information Security Governance [Hardcover]

Krag Brotby (Author)
List Price: CDN$ 97.95
Price: CDN$ 61.71 & this item ships for FREE with Super Saver Shipping. Details
You Save: CDN$ 36.24 (37%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Usually ships within 2 to 5 weeks.
Ships from and sold by Amazon.ca. Gift-wrap available.

Product Details

Product Description

Product Description

The Growing Imperative Need for Effective Information Security Governance

With monotonous regularity, headlines announce ever more spectacular failures of information security and mounting losses. The succession of corporate debacles and dramatic control failures in recent years underscores the necessity for information security to be tightly integrated into the fabric of every organization. The protection of an organization's most valuable asset information can no longer be relegated to low-level technical personnel, but must be considered an essential element of corporate governance that is critical to organizational success and survival.

Written by an industry expert, Information Security Governance is the first book-length treatment of this important topic, providing readers with a step-by-step approach to developing and managing an effective information security program. Beginning with a general overview of governance, the book covers:

  • The business case for information security

  • Defining roles and responsibilities

  • Developing strategic metrics

  • Determining information security outcomes

  • Setting security governance objectives

  • Establishing risk management objectives

  • Developing a cost-effective security strategy

  • A sample strategy development

  • The steps for implementing an effective strategy

  • Developing meaningful security program development metrics

  • Designing relevant information security management metrics

  • Defining incident management and response metrics

Complemented with action plans and sample policies that demonstrate to readers how to put these ideas into practice, Information Security Governance is indispensable reading for any professional who is involved in information security and assurance.

From the Back Cover

The Growing Imperative Need for Effective Information Security Governance

With monotonous regularity, headlines announce ever more spectacular failures of information security and mounting losses. The succession of corporate debacles and dramatic control failures in recent years underscores the necessity for information security to be tightly integrated into the fabric of every organization. The protection of an organization's most valuable asset information can no longer be relegated to low-level technical personnel, but must be considered an essential element of corporate governance that is critical to organizational success and survival.

Written by an industry expert, Information Security Governance is the first book-length treatment of this important topic, providing readers with a step-by-step approach to developing and managing an effective information security program. Beginning with a general overview of governance, the book covers:

  • The business case for information security

  • Defining roles and responsibilities

  • Developing strategic metrics

  • Determining information security outcomes

  • Setting security governance objectives

  • Establishing risk management objectives

  • Developing a cost-effective security strategy

  • A sample strategy development

  • The steps for implementing an effective strategy

  • Developing meaningful security program development metrics

  • Designing relevant information security management metrics

  • Defining incident management and response metrics

  • Complemented with action plans and sample policies that demonstrate to readers how to put these ideas into practice, Information Security Governance is indispensable reading for any professional who is involved in information security and assurance.

See all Product Description
Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Tag this product

 (What's this?)
Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items.
Your tags: Add your first tag
 
See most popular tags

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star:    (0)
4 star:    (0)
3 star:    (0)
2 star:    (0)
1 star:    (0)
 
 
 
Share your experience with this product with others
Create your own review
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 5.0 out of 5 stars (1 customer review)

1 of 1 people found the following review helpful
5.0 out of 5 stars The kind of book that grows on you, Jan 20 2011
By Dr. G. Hinson "Gary" - Published on Amazon.com
Amazon Verified Purchase(What's this?)
This review is from: Information Security Governance (Hardcover)
While inevitably introducing related aspects such as general/corporate governance and management, information, risk and information security management, and IT security operations, the book's prime focus is firmly on the governance of information security. A rational process for determining the strategy and defining desirable outcomes and strategic objectives for information security runs like a center-line from start to finish.

This is an advanced management topic of direct concern to senior information security, risk management and related assurance professionals. Although unfortunately only CISOs or CIOs may be prepared to set aside the time needed to really study a book of this depth, it is equally valuable for all C-suite executive managers and board members with a genuine interest in aligning information security with other business objectives.

As with Krag's complementary book on security metrics (Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement), the depth of coverage is a little inconsistent with a couple of the chapters, including the conclusion, being surprisingly short. Chapter three on legal and regulatory requirements, for instance, is just over three pages long although compliance is undoubtedly an important governance issue and, unfortunately, a major strategic driver in this field. To be fair, most of the laws, regulations and standards are self-explanatory and there are hundreds, maybe thousands of them across the globe so there would be little point in going through them in detail here.

Information Security Governance confidently covers challenging material on a subject that many find hard to even describe, let alone understand. The effort needed to read and learn from this book pays off through a better appreciation of both the theoretical background and the practical steps needed to design, develop, implement and manage - or govern - information security at the strategic level.
 Go to Amazon.com to see the review  5.0 out of 5 stars 

Listmania!

Create a Listmania! list

Look for similar items by category

Look for similar items by subject























i.e., each book must be in subject 1 AND subject 2 AND ...

Feedback

Would you like to update product info or give feedback on images?

Amazon.ca Privacy Statement Amazon.ca Shipping Information Amazon.ca Returns & Exchanges