Security - Computer Networks, Computer Security
Log in to track your reading progress.
Overview
The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently.Information Security Risk Analysis, Second Edition enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process. The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis.
Editorials
Booknews
Introduces risk analysis techniques that can be used to identify and quantify both accidental and malicious threats to computer systems within an organization. The author walks through the qualitative risk analysis process using such techniques as the practical application of risk analysis (PARA) and the facilitated risk analysis process (FRAP). A case study of a truck rental company illustrates application of the method. The appendices provide a questionnaire and sample process forms. Annotation c. Book News, Inc., Portland, OR (booknews.com)Book Details
Published
June 28, 2001
Publisher
Boca Raton, Fla. : CRC Press, c2001
Pages
296
Format
Hardcover
ISBN
9780849308802