|
You can order Assessing and Managing Security Risk in IT Systems: a Structured Methodology from Auerbach Publications
here.Bulk orders and discounts for quantity purchases can be arranged with George Kenny at (800) 272-7737 extension 2544.
|
Textbook Description:
This book is written to push back the advance of security-as-art and supplant it with a structured methodology that functions independent of technology evolution. The author outlines a simple yet thorough process to guide readers in the analysis and mitigation of risks in IT systems. The handbook contains enough detail to ensure practitioners and policy makers can apply the concepts of the model. Because it does not delve into technical implications, an in-depth technical background is not necessary, although all technical people can work within its structure. Assessing and Managing Security Risk in IT Systems promises to become the most dog-eared possession for anyone charged with security in IT systems.
Editorial Reviews
From Book News, Inc.
The information security implementation and assessment methodology presented in this work is applicable to any system and is not affected by the rapid technological change that characterizes information technology, argues the author. He introduces the basics of information systems security before describing his "McCumber Cube" methodology, first introduced in 1991. The methodology rests on the relationships between the tracking of information as it moves through states of transmission, storage, and processing; the charting of information security attributes of confidentiality, integrity, and availability; and judging the information security risks of technology, procedures, and human interventions.
Copyright © 2004 Book News, Inc., Portland, OR
|
