Information Security Risk Analysis - Softcover

Peltier, Thomas R.

 
9780849308802: Information Security Risk Analysis
Softcover
ISBN 10: 0849308801 ISBN 13: 9780849308802
Publisher: Auerbach Publications, 2001

Synopsis

Risk is a cost of doing business. The question is, "What are the risks, and what are their costs?" Knowing the vulnerabilities and threats that face your organization's information and systems is the first essential step in risk management.

Information Security Risk Analysis shows you how to use cost-effective risk analysis techniques to identify and quantify the threats--both accidental and purposeful--that your organization faces. The book steps you through the qualitative risk analysis process using techniques such as PARA (Practical Application of Risk Analysis) and FRAP (Facilitated Risk Analysis Process) to:

  • Evaluate tangible and intangible risks
  • Use the qualitative risk analysis process
  • Identify elements that make up a strong Business Impact Analysis
  • Conduct risk analysis with confidence

    Management looks to you, its information security professional, to provide a process that allows for the systematic review of risk, threats, hazards, and concerns, and to provide cost-effective measures to lower risk to an acceptable level. You can find books that cover risk analysis for financial, environmental, and even software projects, but you will find none that apply risk analysis to information technology and business continuity planning or deal with issues of loss of systems configuration, passwords, information loss, system integrity, CPU cycles, bandwidth, and more. Information Security Risk Analysis shows you how to determine cost effective solutions for your organization's information technology.

    • "synopsis" may belong to another edition of this title.

    Review

    "Introduces risk analysis techniques that can be used to identify and quantify both accidental and malicious threats to computer systems within an organization." -Sci Tech Book News, Vol. 25, No. 3, September 2001 "This book has radically influenced my approach to security risk managementFrom the beginning this book grabs your attentionif you purchase this book for the tables and checklists alone you would be getting a bargainIf you perform security risk analysis, or business continuity or disaster recovery planning this book is 'must reading'earns a solid 5 stars and Mr. Peltier earns my gratitude for showing me a better way." --Mike Tarrani, on Amazon.com

    Synopsis

    The risk management process supports executive decision-making, allowing managers and owners to perform their fiduciary responsibility of protecting the assets of their enterprises. This crucial process should not be a long, drawn-out affair. To be effective, it must be done quickly and efficiently. "Information Security Risk Analysis, Second Edition" enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process. The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis.

    "About this title" may belong to another edition of this title.

    Publisher
    Auerbach Publications
    Publication date
    2001
    Language
    English
    ISBN 10 
    0849308801
    ISBN 13 
    9780849308802
    Binding
    Paperback
    Edition number
    1
    Number of pages
    296

    Other Popular Editions of the Same Title

    9780849385353: Information Security Risk Analysis On-line Self-study Course

    Featured Edition

    ISBN 10:  0849385350 ISBN 13:  9780849385353
    Publisher: CRC Press, 2005
    Hardcover