Overview
- Focuses on timeless, practical, hands-on advice and actionable strategies
- Think like a seasoned security professional, understanding how cyber-criminals subvert systems with subtle and insidious tricks
- Write clear, easy-to-follow, comprehensive security policies and procedures
- Does not get into the minutiae of the technical details, which become obsolete in a few years
Access this book
Tax calculation will be finalised at checkout
Other ways to access
Table of contents (24 chapters)
-
Getting a Handle on Things
-
Wrangling the Organization
-
Managing Risk with Controls
Keywords
About this book
Follow step-by-step guidance to craft a successful security program. You will identify with the paradoxes of information security and discover handy tools that hook security controls into business processes.
Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking.
What You Will Learn:
- Build a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constantly changing threats
- Prepare for and pass such common audits as PCI-DSS, SSAE-16, and ISO 27001
- Calibrate the scope, and customize security controls to fit into an organization’s culture
- Implement the most challenging processes, pointing out common pitfalls and distractions
- Frame security and risk issues to be clear and actionable so that decision makers, technical personnel, and users will listen and value your advice
Who This Book Is For:
IT professionals moving into the security field; new security managers, directors, project heads, and would-be CISOs; and security specialists from other disciplines moving into information security (e.g., former military security professionals, law enforcement professionals, and physical security professionals)
Reviews
Authors and Affiliations
About the author
Bibliographic Information
Book Title: IT Security Risk Control Management
Book Subtitle: An Audit Preparation Plan
Authors: Raymond Pompon
DOI: https://doi.org/10.1007/978-1-4842-2140-2
Publisher: Apress Berkeley, CA
eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)
Copyright Information: Raymond Pompon 2016
Softcover ISBN: 978-1-4842-2139-6Published: 15 September 2016
eBook ISBN: 978-1-4842-2140-2Published: 14 September 2016
Edition Number: 1
Number of Pages: XXXI, 311
Number of Illustrations: 22 b/w illustrations, 11 illustrations in colour
Topics: Security, Systems and Data Security, Information Systems Applications (incl. Internet)