International IT Governance: An Executive Guide to ISO 17799/ISO 27001
An essential resource for business managers at any-sized organization, this book provides the current best practice in managing data and information risks as companies face increasingly complex and dangerous threats to information security. The development of IT Governance, which recognizes the convergence between business and IT management, makes it essential for managers at all levels to understand how best to deal with information security risks. This text explores new legislation,...
Search in google:
An essential resource for business managers at any-sized organization, this book provides the current best practice in managing data and information risks as companies face increasingly complex and dangerous threats to information security.
1Why is information security necessary?92Sarbanes-Oxley and regulatory compliance233Information security standards314Organizing information security455Information security policy and scope636The risk assessment and statement of applicability737External parties958Asset management1099Human resources security12710Physical and environmental security14511Equipment security15712Communications and operations management16713Controls against malicious software (malware) and back-ups18114Network security management and media handling19515Exchanges of information20316Electronic commerce services21117E-mail and Internet use22318Access control23119Network access control24920Operating system access control26121Application access control and teleworking26722Systems acquisition, development and maintenance27523Cryptographic controls28124Security in development and support processes28925Monitoring and information security incident management29926Business continuity management31527Compliance32728The ISO/IEC 27001 audit345
