We are currently upgrading our print fulfillment systems. Print book orders placed between Sept 22 and Oct 9 will be delayed. Delivery of these orders will start on Oct 10, with purchases being fulfilled in the order received. Buy the Print and get eBook immediately for FREE. Use Code BOGO. Or save up to 40% on all orders with code: DELTA. Exclusions apply. Click here for terms and conditions.
Information Security Risk Assessment Toolkit

Information Security Risk Assessment Toolkit, 1st Edition

Practical Assessments through Data Collection and Data Analysis

Information Security Risk Assessment Toolkit, 1st Edition,Mark Talabis,Jason Martin,ISBN9781597497350






235 X 191

Practical, achievable and sustainable information security risk assessment methodology.


Additional materials for this book are available on the following website. Please copy and paste this URL on your browser: http://securitytoolk.it/

Print Book + eBook

USD 59.94
USD 99.90

Buy both together and save 40%

Print Book


In Stock

Estimated Delivery Time
USD 49.95

eBook Overview

VST format:

DRM Free included formats: EPub, Mobi, PDF

USD 49.95
Add to Cart

Key Features

    • Based on authors’ experiences of real-world assessments, reports, and presentations
    • Focuses on implementing a process, rather than theory, that allows you to derive a quick and valuable assessment
    • Includes a companion web site with spreadsheets you can utilize to create and maintain the risk assessment


    In order to protect company’s information assets such as sensitive customer records, health care records, etc., the security practitioner first needs to find out: what needs protected, what risks those assets are exposed to, what controls are in place to offset those risks, and where to focus attention for risk treatment. This is the true value and purpose of information security risk assessments.  Effective risk assessments are meant to provide a defendable analysis of residual risk associated with your key assets so that risk treatment options can be explored.  Information Security Risk Assessments gives you the tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders.


    Information Security Officers, IT Auditors, IT Professionals, Chief Information Officers, Privacy Officers, Risk Officers, IT Enterprise Architects

    Mark Talabis

    Mark Ryan Talabis is a Manager for the Secure DNA Consulting practice. Prior to joining Secure DNA he was a consultant in the Asian Development Bank (ADB). He has extensive experience in information security risk assessments, information security policy and program development, vulnerability assessments and penetration testing and has specialized expertise in security analytics and data mining as applied to information security. He has a Master’s degree in Information Technology; Certified Information Systems Security Professional (CISSP); Certified Information Systems Auditor (CISA); a GIAC Certified Incident Handler Certification (GCIH); a GIAC Security Essentials Certification (GSEC); Certified in Risk and Information Systems Control (CRISC); and a Microsoft Certified Professional (MCP) on SQL Server Administration;. He has presented in various security and academic conferences around the world including Blackhat and Defcon and has a number of published papers to his name in various peer-reviewed journals. He is an alumni member of the Honeynet Project and is currently taking a Master of Liberal Arts (ALM) in Extension Studies in Harvard University.

    Affiliations and Expertise

    is a Manager for the Secure DNA Consulting practice.

    Jason Martin

    Jason Martin is the President and CEO of Secure DNA, an Information Security Company that provides security solutions to companies throughout the United States and Asia. Prior to joining Secure DNA he was a Manager within KPMG’s Information Risk Management group. In his professional services role Mr. Martin has successfully designed, implemented, and operated security programs for multi-billion dollar organizations within Hawaii and the US Mainland as well as provided subject matter expertise as an executive level security advisor to companies throughout the world. He is a Certified Information Security Manager (CISM), a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), and holds the designation as Certified in Risk and Information Systems Control (CRISC). He has advised Lawmakers on emerging cyber security risks and is working with legislatures to enhance state privacy laws. He is a frequent speaker and instructor at security and audit training events and seminars, is a founder of the Shakacon Security Conference, and is on the board of advisors for the Hackito Ergo Sum security conference in France. He is a former board member for the Hawaii chapter of ISACA and is a current board member for the Hawaii chapter of INFRAGARD.

    Affiliations and Expertise

    is the President and CEO of Secure DNA

    Information Security Risk Assessment Toolkit, 1st Edition

    Chapter 1: Information Security Risk Assessments

    Chapter 2: A Practical Approach

    Chapter 3:  Data Collection

    Chapter 4: Data Analysis

    Chapter 5:  Risk Assessment

    Chapter 6: Risk Prioritization and Treatment

    Chapter 7:  Reporting

    Chapter 8: Maintenance and Wrap Up

    Shop with Confidence

    Free Shipping around the world
    ▪ Broad range of products
    ▪ 30 days return policy