Information security risk management for ISO27001/ISO27002
Describes in practical detail how to carry out an information security risk assessment based on international best practice standards such as ISO/IEC 27005, NIST SP800-30 and BS7799-3.
Main author: | |
---|---|
Other authors: | |
Format: | E-book |
Language: | English |
Published: | Cambridgeshire : IT Governance Pub c2010. |
Edition: | 2nd ed |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009628444806719 |
Table of Contents:
- Introduction; Chapter 1: Risk Management; Chapter 2: Risk Assessment Methodologies; Chapter 3: Risk Management Objectives; Chapter 4: Roles and Responsibilities; Chapter 5: Risk Assessment Software; Chapter 6: Information Security Policy and Scoping; Chapter 7: The ISO27001 Risk Assessment; Chapter 8: Information Assets; Chapter 9: Threats and Vulnerabilities; Chapter 10: Impact and Asset Valuation; Chapter 11: Likelihood; Chapter 12: Risk Level; Chapter 13: Risk Treatment and the Selection of Controls; Chapter 14: The Statement of Applicability
- Chapter 15: The Gap Analysis and Risk Treatment Plan; Chapter 16: Repeating and Reviewing the Risk Assessment; Appendix 1: Carrying out an ISO27001 Risk Assessment using vsRisk™; Appendix 2: ISO27001 Implementation Resources; Books by the Same Authors; ITG Resources