»
Risk Management Framework
 
 

Risk Management Framework, 1st Edition

A Lab-Based Approach to Securing Information Systems

 
Risk Management Framework, 1st Edition,James Broad,ISBN9781597499958
 
 
 

  

Syngress

9781597499958

9780124047235

316

235 X 191

Learn how to implement the Risk Management Framework through a comprehensive case study and hands on lab-based approach.

Print Book + eBook

USD 71.94
USD 119.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 59.95

eBook
eBook Overview

VST format:

DRM Free included formats: EPub, Mobi, PDF

USD 59.95
Add to Cart
 
 

Key Features

• A comprehensive case study from initiation to decommission and disposal

• Detailed explanations of the complete RMF process and its linkage to the SDLC

• Hands on exercises to reinforce topics

• Complete linkage of the RMF to all applicable laws, regulations and publications as never seen before

Description

The RMF allows an organization to develop an organization-wide risk framework that reduces the resources required to authorize a systems operation. Use of the RMF will help organizations maintain compliance with not only FISMA and OMB requirements but can also be tailored to meet other compliance requirements such as Payment Card Industry (PCI) or Sarbanes Oxley (SOX). With the publishing of NIST SP 800-37 in 2010 and the move of the Intelligence Community and Department of Defense to modified versions of this process, clear implementation guidance is needed to help individuals correctly implement this process. No other publication covers this topic in the detail provided in this book or provides hands-on exercises that will enforce the topics. Examples in the book follow a fictitious organization through the RMF, allowing the reader to follow the development of proper compliance measures. Templates provided in the book allow readers to quickly implement the RMF in their organization. The need for this book continues to expand as government and non-governmental organizations build their security programs around the RMF. The companion website provides access to all of the documents, templates and examples needed to not only understand the RMF but also implement this process in the reader’s own organization.

Readership

Information Security professionals of all levels, systems administrators, information technology leaders, network administrators, information auditors, security managers, and an academic audience among information assurance majors.

James Broad

James Broad (CISSP, C|EH, CPTS, Security+, MBA) is the President and owner of Cyber-Recon, LLC, where he and his team of consultants specialize in Information Security, Information Assurance, Certification and Accreditation and offer other security consultancy services to corporate and government clients. As a security professional with over 20 years of real-world IT experience, James is an expert in many areas of IT security, specializing in security engineering, penetration testing, vulnerability analysis and research. He has provided security services in the nation’s most critical sectors including defense, law enforcement, intelligence, finance and healthcare.

Affiliations and Expertise

(CISSP, C|EH, CPTS, Security+, MBA), President and owner of Cyber-Recon, LLC.

View additional works by James Broad

Risk Management Framework, 1st Edition

Introduction

Laws, Regulation and Guidance

The Joint Task Force Transformation Initiative

Key Positions and Roles

Transition from the Four-Phase Certification and Accreditation Cycle

The RMF

Integrated Organization-Wide Risk Management

Lab Organization

Phase 1: System Categorization

Phase 2: Control Selection

Phase 3: Control Implementation

Phase 4: Control Assessment

Phase 5: System Authorization

Phase 6: Continuous Monitoring

Use of RMF in Other Environments

Future Planned Changes

Use with Other Compliance Requirements

Appendices

Quotes and reviews

"Writing for technical, administrative, and management professionals within the US government, information security consultant Broad explains the basics of the risk management framework as it pertains to the systems development life cycle of federal information technology systems, and suggests how to use this information during the development, assessment, and continuous monitoring of those systems."--Reference & Research Book News, December 2013

 
 
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ