وبلاگ بلیان

Information Technology Risk Management in Enterprise Environments : A Review of Industry Practices and a Practical Guide to Risk Management Teams

معرفی کتاب «Information Technology Risk Management in Enterprise Environments : A Review of Industry Practices and a Practical Guide to Risk Management Teams» نوشتهٔ Jake Kouns, Daniel Minoli، منتشرشده توسط نشر Wiley-Interscience; Wiley در سال 2010. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

* Discusses all types of corporate risks and practical means of defending against them. * Security is currently identified as a critical area of Information Technology management by a majority of government, commercial, and industrial organizations. * Offers an effective risk management program, which is the most critical function of an information security program. Content: Chapter 1 Information Security Risk Management Imperatives and Opportunities (pages 1–32): Chapter 2 Information Security Risk Management Defined (pages 33–72): Chapter 3 Information Security Risk Management Standards (pages 73–110): Chapter 4 A Survey of Available Information Security Risk Management Methods and Tools (pages 111–163): Chapter 5 Methodologies Examples: Cobit and Octave (pages 164–210): Chapter 6 Risk Management Issues and Organization Specifics (pages 211–242): Chapter 7 Assessing Organization and Establishing Risk Management Scope (pages 243–279): Chapter 8 Identifying Resources and Implementing the Risk Management Team (pages 280–337): Chapter 9 Identifying Assets and Organization Risk Exposures (pages 338–376): Chapter 10 Remediation Planning and Compliance Reporting (pages 377–391):

Learn how an organization needs to position itself to properly handle risks to its critical assets

Information Technology Risk Management in Enterprise Environments provides a comprehensive review of industry approaches, practices, and standards on how to handle the ever-increasing risks to organizations' business-critical assets. Through a practical approach, this book explores key topics that enable readers to uncover and remediate potential infractions. The authors present an effective risk management program by providing:


  • An overview of risk assessment, mitigation, and management approaches and methodologies

  • Processes for developing a repeatable program for technological issues and human resources

  • Definitions of key concepts and security standards in the area of risk management

  • Analytical techniques for assessing the amount of risk and the benefit of risk remediation

  • Information on the development and implementation of the risk management team

Information Technology Risk Management in Enterprise Environments details fundamental corporate risks and outlines how they can be avoided. It is an essential resource for information security managers and analysts, system developers, auditors, consultants, and students in understanding the IT resources, procedures, and tools to identify and handle technology and security risks.

  • Discusses all types of corporate risks and practical means of defending against them.
  • Security is currently identified as a critical area of Information Technology management by a majority of government, commercial, and industrial organizations.
  • Offers an effective risk management program, which is the most critical function of an information security program.
دانلود کتاب Information Technology Risk Management in Enterprise Environments : A Review of Industry Practices and a Practical Guide to Risk Management Teams