A Practical Guide to Security Assessments
eBook - PDF

A Practical Guide to Security Assessments

  1. 520 pages
  2. English
  3. PDF
  4. Available on iOS & Android
eBook - PDF

A Practical Guide to Security Assessments

About this book

The modern dependence upon information technology and the corresponding information security regulations and requirements force companies to evaluate the security of their core business processes, mission critical data, and supporting IT environment. Combine this with a slowdown in IT spending resulting in justifications of every purchase, and security professionals are forced to scramble to find comprehensive and effective ways to assess their environment in order to discover and prioritize vulnerabilities, and to develop cost-effective solutions that show benefit to the business. A Practical Guide to Security Assessments is a process-focused approach that presents a structured methodology for conducting assessments. The key element of the methodology is an understanding of business goals and processes, and how security measures are aligned with business risks. The guide also emphasizes that resulting security recommendations should be cost-effective and commensurate with the security risk. The methodology described serves as a foundation for building and maintaining an information security program. In addition to the methodology, the book includes an Appendix that contains questionnaires that can be modified and used to conduct security assessments. This guide is for security professionals who can immediately apply the methodology on the job, and also benefits management who can use the methodology to better understand information security and identify areas for improvement.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access A Practical Guide to Security Assessments by Sudhanshu Kairab in PDF and/or ePUB format, as well as other popular books in Business & Business General. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Auerbach Publications
Year
2004
eBook ISBN
9780203507230
Edition
1
Topic
Business
Subtopic
Business General
Index
Business

Table of contents

  1. Front cover
  2. About the Author
  3. Preface
  4. Table of Contents
  5. Chapter 1. Introduction
  6. Chapter 2. Evolution of Information Security
  7. Chapter 3. The Information Security Program and How a Security Assessment Fits In
  8. Chapter 4. Planning
  9. Chapter 5. Initial Information Gathering
  10. Chapter 6. Business Process Evaluation
  11. Chapter 7. Technology Evaluation
  12. Chapter 8. Risk Analysis and Final Presentation
  13. Chapter 9. Information Security Standards
  14. Chapter 10. Information Security Legislation
  15. Security Questionnaires and Checklists
  16. Appendices: Security Questionnaires and Checklists
  17. Appendix A: Preliminary Checklist to Gather Information
  18. Appendix B: Generic Questionnaire for Meetings with Business Process Owners
  19. Appendix C: Generic Questionnaire for Meetings with Technology Owners
  20. Appendix D: Data Classification
  21. Appendix E: Data Retention
  22. Appendix F: Backup and Recovery
  23. Appendix G: Externally Hosted Services
  24. Appendix H: Physical Security
  25. Appendix I: Employee Termination
  26. Appendix J: Incident Handling
  27. Appendix K: Business to Business (B2B)
  28. Appendix L: Business to Consumer (B2C)
  29. Appendix M: Change Management
  30. Appendix N: User ID Administration
  31. Appendix O: Managed Security
  32. Appendix P: Media Handling
  33. Appendix Q: HIPAA Security
  34. Index
  35. Back cover