A practical guide to security assessments
The modern dependence upon information technology and the corresponding information security regulations and requirements force companies to evaluate the security of their core business processes, mission critical data, and supporting IT environment. Combine this with a slowdown in IT spending resul...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Boca Raton, Fla. :
Auerbach Publications
c2005.
|
| Edición: | 1st edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627227406719 |
Tabla de Contenidos:
- Book Cover; Half-Title; Title; Copyright; About the Author; Preface; Table of Contents; 1 Introduction; 2 Evolution of Information Security; 3 The Information Security Program and How a Security Assessment Fits In; 4 Planning; 5 Initial Information Gathering; 6 Business Process Evaluation; 7 Technology Evaluation; 8 Risk Analysis and Final Presentation; 9 Information Security Standards; 10 Information Security Legislation; Appendices Security Questionnaires and Checklists; Appendix A Preliminary Checklist to Gather Information
- Appendix B Generic Questionnaire for Meetings with Business Process OwnersAppendix C Generic Questionnaire for Meetings with Technology Owners; Appendix D Data Classification; Appendix E Data Retention; Appendix F Backup and Recovery; Appendix G Externally Hosted Services; Appendix H Physical Security; Appendix I Employee Termination; Appendix J Incident Handling; Appendix K Business to Business (B2B); Appendix L Business to Consumer (B2C); Appendix M Change Management; Appendix N User ID Administration; Appendix O Managed Security; Appendix P Media Handling; Appendix Q HIPAA Security; Index
