Book description
Follow step-by-step guidance to craft a successful security program. You will identify with the paradoxes of information security and discover handy tools that hook security controls into business processes.
Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking.
What You'll Learn
Build a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constantly changing threats
Prepare for and pass such common audits as PCI-DSS, SSAE-16, and ISO 27001
Calibrate the scope, and customize security controls to fit into an organization's culture
Implement the most challenging processes, pointing out common pitfalls and distractions
Frame security and risk issues to be clear and actionable so that decision makers, technical personnel, and users will listen and value your advice
Who This Book Is For
IT professionals moving into the security field; new security managers, directors, project heads, and would-be CISOs; and security specialists from other disciplines moving into information security (e.g., former military security professionals, law enforcement professionals, and physical security professionals)
Product information
- Title: IT Security Risk Control Management: An Audit Preparation Plan
- Author(s):
- Release date: September 2016
- Publisher(s): Apress
- ISBN: 9781484221402
You might also like
video
Risk Management for Cybersecurity and IT Managers
Have you ever wondered why your organization's executives or your manager made a decision to fund …
book
Implementing an Information Security Management System: Security Management Based on ISO 27001 Guidelines
Discover the simple steps to implementing information security standards using ISO 27001, the most popular information …
book
Cybersecurity Risk Management
Cybersecurity Risk Management In Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, veteran …
book
Building a Cyber Risk Management Program
Cyber risk management is one of the most urgent issues facing enterprises today. This book presents …