Rating:
(3 reviews)
Author: Timothy P. Layton
ISBN : 0849370876
New from $77.74
Format: PDF, EPUB
Direct download links available Free Information Security: Design, Implementation, Measurement, and Compliance [Hardcover] for everyone book 4shared, mediafire, hotfile, and mirror link
Organizations rely on digital information today more than ever before. Unfortunately, that information is equally sought after by criminals. New security standards and regulations are being implemented to deal with these threats, but they are very broad and organizations require focused guidance to adapt the guidelines to their specific needs.
Fortunately, Information Security: Design, Implementation, Measurement, and Compliance outlines a complete roadmap to successful adaptation and implementation of a security program based on the ISO/IEC 17799:2005 (27002) Code of Practice for Information Security Management. The book first describes a risk assessment model, a detailed risk assessment methodology, and an information security evaluation process. Upon this foundation, the author presents a proposed security baseline for all organizations, an executive summary of the ISO/IEC 17799 standard, and a gap analysis exposing the differences between the recently rescinded version and the newly released version of the standard. Finally, he devotes individual chapters to each of the 11 control areas defined in the standard, covering systematically the 133 controls within the 39 control objectives.
Tim Layton's Information Security is a practical tool to help you understand the ISO/IEC 17799 standard and apply its principles within your organization's unique context.
Books with free ebook downloads available Free Information Security: Design, Implementation, Measurement, and Compliance [Hardcover]
- Hardcover: 264 pages
- Publisher: Auerbach Publications; 1 edition (July 20, 2006)
- Language: English
- ISBN-10: 0849370876
- ISBN-13: 978-0849370878
- Product Dimensions: 0.8 x 6 x 9.4 inches
- Shipping Weight: 1.1 pounds (View shipping rates and policies)
Free Information Security: Design, Implementation, Measurement, and Compliance
The goal of Information Security: Design, Implementation, Measurement, and Compliance is to provide the reader with an in-depth perspective of the ISO/IEC 17799 information security standard and how to use it to measure an information security program.
As an introduction; ISO/IEC 17799 is an information security standard published and revised in June 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is entitled Information technology - Security techniques - Code of practice for information security management. The current standard is a revision of the version published in 2000, which was an exact copy of the British Standard (BS) 7799-1:1999.
ISO/IEC 17799 provides best practice recommendations on information security management for use by those who are responsible for initiating, implementing or maintaining Information Security Management Systems (ISMS). Information security is defined within the standard in the context of the C-I-A triad (confidentiality, integrity, availability).
At just over 200 pages, the books 17 chapters provides the reader with a densely packed overview of the ISO/IEC 17799 standard. In addition, the book covers the details of how to perform a qualitative-based risk assessment. It provides a methodology on how to assess the various types of risk. The author breaks them out into four different areas, namely: human malicious (sabotage, terrorists, etc.), human non-malicious human error, poor management philosophy, etc.), accidental (airplane crash, telecommunication failure, etc.), and other (natural or other unplanned disruptions or disasters).