|
You can order Assessing and Managing Security Risk in IT Systems:
a Structured Methodology from Auerbach Publications here.
Bulk orders and discounts for quantity purchases can be arranged with George Kenny at (800) 272-7737 extension 2544.
|
Textbook Description:
This book is written to push back
the advance of security-as-art and supplant it with a structured methodology that functions independent of technology evolution.
The author outlines a simple yet thorough process to guide readers in the analysis and mitigation of risks in IT systems.
The handbook contains enough detail to ensure practitioners and policy makers can apply the concepts of the model. Because
it does not delve into technical implications, an in-depth technical background is not necessary, although all technical people
can work within its structure. Assessing and Managing Security Risk in IT Systems promises to become the most dog-eared possession
for anyone charged with security in IT systems.
Editorial Reviews
From Book News, Inc.
The information
security implementation and assessment methodology presented in this work is applicable to any system and is not affected
by the rapid technological change that characterizes information technology, argues the author. He introduces the basics of
information systems security before describing his "McCumber Cube" methodology, first introduced in 1991. The methodology
rests on the relationships between the tracking of information as it moves through states of transmission, storage, and processing;
the charting of information security attributes of confidentiality, integrity, and availability; and judging the information
security risks of technology, procedures, and human interventions.
Copyright © 2004 Book News, Inc., Portland, OR
|
