Chapter 1: Information Security in the Modern Enterprise

James Pooley     A Professional Law Corporation, Menlo Park, CA, United States

Abstract

This chapter provides a set of procedures and controls for conducting assessments of information security in the modern enterprise. The procedures are customizable and can be easily tailored to provide organizations with the needed flexibility to conduct security control assessments and privacy control assessments that support organizational risk management processes and that are aligned with the stated risk tolerance of the organization. Information on building effective security assessment plans and privacy assessment plans is also provided along with guidance on analyzing assessment results.

Keywords ...

Get Computer and Information Security Handbook, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.