Successful security professionals have had to modify the process of responding to new threats in the high-profile, ultra-connected business environment. But just because a threat exists does not mean that your organization is at risk. This is what risk assessment is all about. Information Security Risk Analysis, Third Edition demonstrates how to identify threats your company faces and then determine if those threats pose a real risk to your organization.
Authored by renowned security expert and certification instructor, Thomas Peltier, this authoritative reference provides you with the knowledge and the skill-set needed to achieve a highly effective risk analysis assessment in a matter of days.
Supplemented with online access to user-friendly checklists, forms, questionnaires, sample assessments, and other documents, this work is truly a one-stop, how-to resource for industry and academia professionals.
This book illustrates how to develop the related standards, procedures, and guidelines for implementing policy. Each chapter provides advice on the structural mechanics of the various documents as well as an example of each form. This new edition updates material on the concept of responsibilities that reflects the general nature of the individuals responsible. Standards and procedures are also updated to reflect the work done in the field during 2002 with additional examples. ISO 17799 is used to identify possible standards that enterprises can create.
This includes better explanations of what to use and when to use it.