This Book is in Good Condition. Clean Copy With Light Amount of Wear. 100% Guaranteed. Summary: All organizations face risks to information and informationassets. Many organizations seek to identify and control thoserisks, usually as part of a structured approach to informationsecurity risk management. ISO/IEC27001:2005 is an internationalstandard specification for an Information Security ManagementSystem (or 'ISMS'). Organizations . Codice inventario libreria
Riassunto: All organizations face risks to information and information assets. Many organizations seek to identify and control those risks, usually as part of a structured approach to information security risk management. Risk assessment is at the heart of risk management, and the two together form the core competences of information security management. ISO27001 specifies a series of steps that must form part of the risk assessment. While a number of people in the organization will have a role to play in respect of risk assessment, these steps include a specific role for what the standard describes as asset owners . This book is a pocket guide to the ISO27001 risk assessment, and designed to assist asset owners and others who are working within an ISO27001/ISO17799 framework to deliver a qualitative risk assessment. It conforms with the guidance provided in BS7799-3:2006 and NIST SP 800-30.
L'autore: Alan Calder is the founder director of IT Governance Ltd, an information, advice and consultancy firm that helps companies tackle governance, risk management, compliance and information security issues. He has many years of senior management and board-level experience in the private and public sectors. The company's website is a 'one-stop-shop' for information, books, tools, training and consultancy on governance, risk management, compliance and information security. Steve Watkins leads the consultancy and training services of IT Governance Ltd. In his various roles in both the public and private sectors he has been responsible for most support disciplines. He has over 17 years' experience of managing integrated management systems, including maintenance of Information Security, Quality, Environmental and Investor in People certifications. As well as being a trained ISO27001 and ISO9000 auditor Steve is a trained EFQM Assessor and holds diplomas in safety and financial management. He is Deputy Chair of the Steering Committee of the DTi ISO/IEC17799 Users Group and also sits on the Management Committee of the British Standards Society where he chairs the Management Systems Special Interest Group.
Condizione libro: Used
Descrizione libro IT Governance Publishing, 2007. Paperback. Condizione libro: New. book. Codice libro della libreria 1905356269
Descrizione libro IT Governance Publishing, 2007. Paperback. Condizione libro: Used: Good. We ship International with Tracking Number! May not contain Access Codes or Supplements. Buy with confidence, excellent customer service! j. Codice libro della libreria 1905356269D