|
|||||||||||||||||||||||||||||||||||
|
1 Review
|
Average Customer Review
Share your thoughts with other customers
Create your own review
|
|
Most Helpful First | Newest First
|
|
1 of 1 people found the following review helpful:
5.0 out of 5 stars
The kind of book that grows on you,
By
Amazon Verified Purchase(What's this?)
This review is from: Information Security Governance (Wiley Series in Systems Engineering and Management) (Hardcover)
While inevitably introducing related aspects such as general/corporate governance and management, information, risk and information security management, and IT security operations, the book's prime focus is firmly on the governance of information security. A rational process for determining the strategy and defining desirable outcomes and strategic objectives for information security runs like a center-line from start to finish.
This is an advanced management topic of direct concern to senior information security, risk management and related assurance professionals. Although unfortunately only CISOs or CIOs may be prepared to set aside the time needed to really study a book of this depth, it is equally valuable for all C-suite executive managers and board members with a genuine interest in aligning information security with other business objectives. As with Krag's complementary book on security metrics (Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement), the depth of coverage is a little inconsistent with a couple of the chapters, including the conclusion, being surprisingly short. Chapter three on legal and regulatory requirements, for instance, is just over three pages long although compliance is undoubtedly an important governance issue and, unfortunately, a major strategic driver in this field. To be fair, most of the laws, regulations and standards are self-explanatory and there are hundreds, maybe thousands of them across the globe so there would be little point in going through them in detail here. Information Security Governance confidently covers challenging material on a subject that many find hard to even describe, let alone understand. The effort needed to read and learn from this book pays off through a better appreciation of both the theoretical background and the practical steps needed to design, develop, implement and manage - or govern - information security at the strategic level. |
|
Most Helpful First | Newest First
|
|
Information Security Governance (Wiley Series in Systems Engineering and Management) by W. Krag Brotby (Hardcover - April 13, 2009)
$83.95 $62.96
In Stock | |
 
| ||
