Skip to main content

Save up to 30% on Elsevier print and eBooks with free shipping. No promo code needed.

Save up to 30% on print and eBooks.

Information Assurance

Managing Organizational IT Security Risks

  • 1st Edition - June 3, 2002
  • Authors: Joseph Boyce, Daniel Jennings
  • Language: English
  • eBook ISBN:
    9 7 8 - 0 - 0 8 - 0 5 0 8 7 1 - 9

Written by two INFOSEC experts, this book provides a systematic and practical approach for establishing, managing and operating a comprehensive Information Assurance program. It… Read more

Information Assurance

Purchase options

LIMITED OFFER

Save 50% on book bundles

Immediately download your ebook while waiting for your print delivery. No promo code is needed.

Institutional subscription on ScienceDirect

Request a sales quote
Written by two INFOSEC experts, this book provides a systematic and practical approach for establishing, managing and operating a comprehensive Information Assurance program. It is designed to provide ISSO managers, security managers, and INFOSEC professionals with an understanding of the essential issues required to develop and apply a targeted information security posture to both public and private corporations and government run agencies.There is a growing concern among all corporations and within the security industry to come up with new approaches to measure an organization's information security risks and posture. Information Assurance explains and defines the theories and processes that will help a company protect its proprietary information including: * The need to assess the current level of risk.* The need to determine what can impact the risk.* The need to determine how risk can be reduced.The authors lay out a detailed strategy for defining information security, establishing IA goals, providing training for security awareness, and conducting airtight incident response to system compromise. Such topics as defense in depth, configuration management, IA legal issues, and the importance of establishing an IT baseline are covered in-depth from an organizational and managerial decision-making perspective.