Amazon.com: Information Security Governance (Wiley Series in Systems Engineering and Management) (9780470131183): Krag Brotby: Books


or
Sign in to turn on 1-Click ordering.
or
Amazon Prime Free Trial required. Sign up when you check out. Learn More
Sell Back Your Copy
For a $5.90 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Information Security Governance (Wiley Series in Systems Engineering and Management)
 
 
Share your own customer images
Search inside this book
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Information Security Governance (Wiley Series in Systems Engineering and Management) [Hardcover]

Krag Brotby (Author)
5.0 out of 5 stars  See all reviews (1 customer review) |
List Price: $83.95
Price: $71.79 & this item ships for FREE with Super Saver Shipping. Details
You Save: $12.16 (14%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.
Only 17 left in stock--order soon (more on the way).
Want it delivered Tuesday, February 28? Choose One-Day Shipping at checkout. Details
Textbook Student FREE Two-Day Shipping for students on millions of items. Learn more

Sell Back Your Copy for $5.90
Whether you buy it used on Amazon for $64.64 or somewhere else, you can sell it back through our Book Trade-In Program at the current price of $5.90.
Used Price$64.64
Trade-in Price$5.90
Price after
Trade-in$58.74

Book Description

Publication Date: April 13, 2009 | ISBN-10: 0470131187 | ISBN-13: 978-0470131183 | Edition: 1
The Growing Imperative Need for Effective Information Security Governance

With monotonous regularity, headlines announce ever more spectacular failures of information security and mounting losses. The succession of corporate debacles and dramatic control failures in recent years underscores the necessity for information security to be tightly integrated into the fabric of every organization. The protection of an organization's most valuable asset information can no longer be relegated to low-level technical personnel, but must be considered an essential element of corporate governance that is critical to organizational success and survival.

Written by an industry expert, Information Security Governance is the first book-length treatment of this important topic, providing readers with a step-by-step approach to developing and managing an effective information security program. Beginning with a general overview of governance, the book covers:

  • The business case for information security

  • Defining roles and responsibilities

  • Developing strategic metrics

  • Determining information security outcomes

  • Setting security governance objectives

  • Establishing risk management objectives

  • Developing a cost-effective security strategy

  • A sample strategy development

  • The steps for implementing an effective strategy

  • Developing meaningful security program development metrics

  • Designing relevant information security management metrics

  • Defining incident management and response metrics

Complemented with action plans and sample policies that demonstrate to readers how to put these ideas into practice, Information Security Governance is indispensable reading for any professional who is involved in information security and assurance.

Frequently Bought Together

Customers buy this book with Security Policies and Implementation Issues (Information Systems Security & Assurance) by Robert Johnson Paperback $79.18

Information Security Governance (Wiley Series in Systems Engineering and Management) + Security Policies and Implementation Issues (Information Systems Security & Assurance)
Price For Both: $150.97

One of these items ships sooner than the other. Show details

Customers Who Bought This Item Also Bought

Editorial Reviews

From the Back Cover

The Growing Imperative Need for Effective Information Security Governance

With monotonous regularity, headlines announce ever more spectacular failures of information security and mounting losses. The succession of corporate debacles and dramatic control failures in recent years underscores the necessity for information security to be tightly integrated into the fabric of every organization. The protection of an organization's most valuable asset information can no longer be relegated to low-level technical personnel, but must be considered an essential element of corporate governance that is critical to organizational success and survival.

Written by an industry expert, Information Security Governance is the first book-length treatment of this important topic, providing readers with a step-by-step approach to developing and managing an effective information security program. Beginning with a general overview of governance, the book covers:

  • The business case for information security

  • Defining roles and responsibilities

  • Developing strategic metrics

  • Determining information security outcomes

  • Setting security governance objectives

  • Establishing risk management objectives

  • Developing a cost-effective security strategy

  • A sample strategy development

  • The steps for implementing an effective strategy

  • Developing meaningful security program development metrics

  • Designing relevant information security management metrics

  • Defining incident management and response metrics

  • Complemented with action plans and sample policies that demonstrate to readers how to put these ideas into practice, Information Security Governance is indispensable reading for any professional who is involved in information security and assurance.

About the Author

Krag Brotby, cism, has more than twenty-five years of experience in the computer security field with a focus on governance, metrics, and architecture. A frequent presenter at security conferences, he has authored a variety of publications on information security risk management, governance, and metrics. A principal author and editor of the ISACA CISM review manual and related presentation materials, he has served on the CISM Practice Analysis Task Force defining the information security practice area for the coming years.

Product Details

  • Hardcover: 189 pages
  • Publisher: Wiley; 1 edition (April 13, 2009)
  • Language: English
  • ISBN-10: 0470131187
  • ISBN-13: 978-0470131183
  • Product Dimensions: 9.3 x 6.2 x 0.7 inches
  • Shipping Weight: 14.4 ounces (View shipping rates and policies)
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Best Sellers Rank: #1,012,785 in Books (See Top 100 in Books)

    •  Would you like to update product info or give feedback on images?

More About the Author

Visit Amazon's W. Krag Brotby Page
W. Krag Brotby
Discover books, learn about writers, read author blogs, and more.
 

Customer Reviews

1 Review
5 star:
 (1)
4 star:    (0)
3 star:    (0)
2 star:    (0)
1 star:    (0)
 
 
 
 
 
Average Customer Review
5.0 out of 5 stars (1 customer review)
 
 
 
 
Share your thoughts with other customers:
Most Helpful Customer Reviews

1 of 1 people found the following review helpful:
5.0 out of 5 stars The kind of book that grows on you, January 20, 2011
Amazon Verified Purchase(What's this?)
This review is from: Information Security Governance (Wiley Series in Systems Engineering and Management) (Hardcover)
While inevitably introducing related aspects such as general/corporate governance and management, information, risk and information security management, and IT security operations, the book's prime focus is firmly on the governance of information security. A rational process for determining the strategy and defining desirable outcomes and strategic objectives for information security runs like a center-line from start to finish.

This is an advanced management topic of direct concern to senior information security, risk management and related assurance professionals. Although unfortunately only CISOs or CIOs may be prepared to set aside the time needed to really study a book of this depth, it is equally valuable for all C-suite executive managers and board members with a genuine interest in aligning information security with other business objectives.

As with Krag's complementary book on security metrics (Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement), the depth of coverage is a little inconsistent with a couple of the chapters, including the conclusion, being surprisingly short. Chapter three on legal and regulatory requirements, for instance, is just over three pages long although compliance is undoubtedly an important governance issue and, unfortunately, a major strategic driver in this field. To be fair, most of the laws, regulations and standards are self-explanatory and there are hundreds, maybe thousands of them across the globe so there would be little point in going through them in detail here.

Information Security Governance confidently covers challenging material on a subject that many find hard to even describe, let alone understand. The effort needed to read and learn from this book pays off through a better appreciation of both the theoretical background and the practical steps needed to design, develop, implement and manage - or govern - information security at the strategic level.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No

Share your thoughts with other customers: Create your own review
 
 
 
Only search this product's reviews


Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Search Inside This Book:
Inside This Book (learn more)
Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
information security governance, information security management metrics, defining outcomes, strategic metrics, security architecture, review manual, various assurance functions, defined control objectives, defined management function, information security manager, information security risk management, key goal indicators, governance objectives, information security program, assurance providers, security baselines, business impact assessment, information security risks, recovery time objectives, risk management objectives, operational metrics, security reporting, information security policies, breach losses, risk management efforts
Key Phrases - Capitalized Phrases (CAPs): (learn more)
John Wiley, Security Governance Objectives, Elements of Strategy, Information Security Outcomes, Implementing Strategy, United States, Information Security Operational Metrics, Governance Institute, Capability Maturity Model, Senior Executive, Governance Overview, Aberdeen Group, Other Approaches, Assets Motivation Process People Location Time, United Kingdom
Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Search Inside This Book:

Tags Customers Associate with This Product

 (What's this?)
Click on a tag to find related items, discussions, and people.
 
(1)
(1)
(1)
(1)
(1)
(1)
Agree with these tags?
See all 7 tags...

Your tags: Add your first tag
 
See most popular tags

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
 


Active discussions in related forums
Search Customer Discussions
Search all Amazon discussions
   
Related forums

So You'd Like to...


Create a guide

Look for Similar Items by Category

Look for Similar Items by Subject

Search Books by subject:




















i.e., each book must be in subject 1 AND subject 2 AND ...