Practical Risk Management for the CIO (Paperback)Mark Scherling (author)
- We can order this
The growing complexity of today's interconnected systems has not only increased the need for improved information security, but also helped to move information from the IT backroom to the executive boardroom as a strategic asset. And, just like the tip of an iceberg is all you see until you run into it, the risks to your information are mostly invisible until disaster strikes.
Detailing procedures to help your team perform better risk assessments and aggregate results into more meaningful metrics, Practical Risk Management for the CIO approaches information risk management through improvements to information management and information security. It provides easy-to-follow guidance on how to effectively manage the flow of information and incorporate both service delivery and reliability.
Explains why every CIO should be managing his or her information differently Provides time-tested risk ranking strategies Considers information security strategy standards such as NIST, FISMA, PCI, SP 800, & ISO 17799Supplies steps for managing: information flow, classification, controlled vocabularies, life cycle, and data leakageDescribes how to put it all together into a complete information risk management framework
Information is one of your most valuable assets. If you aren't on the constant lookout for better ways to manage it, your organization will inevitably suffer. Clarifying common misunderstandings about the risks in cyberspace, this book provides the foundation required to make more informed decisions and effectively manage, protect, and deliver information to your organization and its constituents.
Publisher: Taylor & Francis Ltd
Number of pages: 399
Weight: 739 g
Dimensions: 234 x 156 mm
This is an exceptionally well-written primer for anyone responsible for corporate information risk management. ... It's obvious that the author has regularly encountered and solved the problems he describes in the course of his three decades in Canadian government and justice IT, and he has an appealing no-nonsense approach. ...the true greatest strength of this book is its holistic viewpoint - all too rare and much appreciated - that demonstrates how all the disparate aspects of information management actually fit together to create a robust business asset base. I can unhesitatingly recommend it, not only to CIOs but also to anyone tasked with protecting corporate information assets, whatever the level of their role. It imparts understanding, which is vastly more useful than mere facts. An excellent holistic primer on corporate information management. The author's credentials are fully justified by the clear, concise and informative text. A must-have for CIOs and anyone else managing business information assets.
-Michael Barwise, BSc, CEng, CITP, MBCS, in InfoSec Reviews, September 2011
You may also be interested in...
Would you like to proceed to the App store to download the Waterstones App?