PART III

Risk Mitigation Process

CHAPTER 15Information Assurance in System Development and Acquisition

CHAPTER 16Physical and Environmental Security Controls

CHAPTER 17Information Assurance Awareness, Training and Education (AT&E)

CHAPTER 18Preventive Tools and Techniques

CHAPTER 19Access Control

Logically, the first strategy in managing risk is to try to prevent threats from exploiting existing vulnerabilities. Although we cannot reduce all risk, there is no doubt a well-implemented risk management strategy will reduce the probability of most of the risks occurring.

Part III discusses preventive controls that an organization should consider when developing protection strategies to minimize risks. It begins with Chapter 15, which highlights ...

Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial