Buy Used

Used - Very Good See details

$49.06 & this item ships for FREE with Super Saver Shipping. Details

Have one to sell? Sell yours here

Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Managing an Information Security and Privacy Awareness and Training Program [Hardcover]

Rebecca Herold (Author)

4.8 out of 5 stars See all reviews (9 customer reviews) |

Available from these sellers.

FREE Two-Day Shipping for students on millions of items. Learn more

Formats	Amazon Price	New from	Used from
Hardcover	$70.66	--	--
Hardcover, April 26, 2005	--	--	--
	See # more hardcovers
	Show fewer hardcovers

There is a newer edition of this item:

Managing an Information Security and Privacy Awareness and Training Program, Second Edition 4.8 out of 5 stars (9)
$70.66

In Stock.

Book Description

Publication Date: April 26, 2005 | ISBN-10: 0849329639 | ISBN-13: 978-0849329630 | Edition: 1

Managing an Information Security and Privacy Awareness and Training Program provides a starting point and an all-in-one resource for infosec and privacy education practitioners who are building programs for their organizations. The author applies knowledge obtained through her work in education, creating a comprehensive resource of nearly everything involved with managing an infosec and privacy training course. This book includes examples and tools from a wide range of businesses, enabling readers to select effective components that will be beneficial to their enterprises. The text progresses from the inception of an education program through development, implementation, delivery, and evaluation.

#outer_postBodyPS { display: none; } #psGradient { display: none; } #psPlaceHolder { display: none; } #psExpand { display: none; } Managing an Information Security and Privacy Awareness and Training Program provides a starting point and an all-in-one resource for infosec and privacy education practitioners who are building programs for their organizations. The author applies knowledge obtained through her work in education, creating a comprehensive resource of nearly everything involved with managing an infosec and privacy training course. This book includes examples and tools from a wide range of businesses, enabling readers to select effective components that will be beneficial to their enterprises. The text progresses from the inception of an education program through development, implementation, delivery, and evaluation.

Customers Who Bought This Item Also Bought

IT Security Metrics: A Practical Framework for Me... by Lance Hayden
5.0 out of 5 stars (4)

$27.08
Computer Security: 20 Things Every Employee Should... by Ben Rothke
4.7 out of 5 stars (23)

$6.62
Security Risk Management: Building an Information... by Evan Wheeler
4.7 out of 5 stars (7)

$30.94
Managing the Human Factor in Information Security:... by David Lacey
4.0 out of 5 stars (2)

$43.40
Security Metrics: Replacing Fear, Uncertainty,... by Andrew Jaquith
4.4 out of 5 stars (22)

$33.05
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
4.7 out of 5 stars (50)

$20.55

Editorial Reviews

About the Author

Rebecca Herold, LLC, Van Meter, Iowa, USA --This text refers to an alternate Hardcover edition.

Product Details

Hardcover: 552 pages
Publisher: Auerbach Publications; 1 edition (April 26, 2005)
Language: English
ISBN-10: 0849329639
ISBN-13: 978-0849329630
Product Dimensions: 9.1 x 6.4 x 1.4 inches
Shipping Weight: 2 pounds

Average Customer Review: 4.8 out of 5 stars See all reviews (9 customer reviews)

Amazon Best Sellers Rank: #1,834,508 in Books (See Top 100 in Books)

Would you like to update product info or give feedback on images?

More About the Author

› Visit Amazon's Rebecca Herold Page

See my business website at: http://www.privacyprofessor.com
Follow me on Twitter at: http://twitter.com/privacyprof
Find me on LinkedIn at: http://www.linkedin.com/in/rebeccaherold
Follow my blog at: http://www.realtime-itcompliance.com

Customer Reviews

9 Reviews

5 star:		(7)
4 star:		(2)
3 star:		(0)
2 star:		(0)
1 star:		(0)

Average Customer Review

4.8 out of 5 stars (9 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

20 of 20 people found the following review helpful:

5.0 out of 5 stars THE Definitive Book on Information Security Practice, July 24, 2005

Dr. Stephenson - See all my reviews

This review is from: Managing an Information Security and Privacy Awareness and Training Program (Hardcover)

I'll begin by saying that I have two broad comments about Ms. Herold's new book, Managing an Information Security and Privacy Awareness and Training Program. First, it may be the definitive book on the topic and seems to have enough meat to be the definitive book on the practice of information security in general. It approaches the profession in the right way: people-oriented. That is rare and important. Second, I actually read it from cover to cover - a rare thing for me. Professional books usually find their ways to my reference library and are used mostly for that purpose, not for general reading.

In the over twenty years I have been in the information security profession I have seen a lot of approaches to managing the security of organizational information. There is one common thread that ties all of those approaches together. The successful ones address the people who use and manage that information. Technology simply is a collection of tools to assist the information assurance manager with the task. It has been said that there are management solutions to technical problems but no technical issues to management problems. Ms. Herold addresses this homily head-on and does it with style, personality and skill.

Her experience shows as does the commentary from two icons in our profession, Donn Parker and Hal Tipton. If you have any questions about whether you should buy this book, read their comments in the Preface and Forward.

I have known Becky for many years and I respect her skill, experience and ability to present important issues clearly, concisely and understandably. Her latest book does all that and more.

If I was told that I was moving to a new office and could take only two boxes of books with me from my library, I would fill both with technical books but I would leave space for the only two general books on information assurance I will ever need. One is "The Computer Security Handbook" edited by my good friend and long-time colleague Dr. Mich Kabay. The other would have to be "Managing an Information Security and Privacy Awareness and Training Program". It would take more than the two boxes to cover technical issues in security, but I could put Mich's and Becky's books in my brief case. Then I would have the perfect security library.

This book is highly recommended for any information assurance professional (or aspiring professional), manager with information assurance responsibilities, or training coordinator. I'm sure there are others who need this new offering as well, but Amazon only allows so much space for these reviews. I also will be highly recommend this book to our students in the MSIA program at Norwich.

Peter R. Stephenson, PhD, CISSP, CISM, FICAF
Associate Program Director, MSIA
Norwich University

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

8 of 8 people found the following review helpful:

5.0 out of 5 stars The definitive reference on creating an information security, May 16, 2005

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)

This review is from: Managing an Information Security and Privacy Awareness and Training Program (Hardcover)

Managing an Information Security and Privacy Awareness and Training Program is without a doubt the definitive reference on creating an information security awareness program

Behind most information security problems are users who are untrained in security or unaware of the security risks. Millions of dollars of firewalls and cryptography can be bypassed by an unaware end-user.

Managing an Information Security and Privacy Awareness and Training Program is a tremendous book that can be used as a foundation for an effective and comprehensive information security awareness program.

The book contains the fundamental and metrics of why you need an awareness program, and everything you need to set up such a program.

The book is filled with good and advice and direction. Chapter 14 contains 143 methods for effective awareness. The other chapters provide equally effective information and advice.

At 500 pages, this book contains everything you need to know about creating and setting up an effective awareness program and is highly recommended.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

7 of 7 people found the following review helpful:

5.0 out of 5 stars A great investment in your awareness program, August 28, 2007

D. J. Lineman "Information Shield" (Houston, TX USA) - See all my reviews
(REAL NAME)

Amazon Verified Purchase(What's this?)

This review is from: Managing an Information Security and Privacy Awareness and Training Program (Hardcover)

If your organization is considering a security or privacy awareness program, this book will pay for itself many times over. I am not aware of any other resource that includes this much material about the art and science of awareness and training. Although this book is over 500 pages long, I found it easy to jump to specific chapters to get just the information I needed. The main chapters cover every aspect of program development including: planning, establishing a business case, budgeting, selling management, audience selection, material design and development, implementation, and measurement. Chapter 10 alone - which maps over 50 different awareness topics to various job roles - should save an organization thousands of dollars in program planning. And don't overlook the Appendices. Almost every sample form and worksheet you would need is available as an appendix. The assessment questionnaires alone should save dozens of hours of development. Definitely one of best security awareness investments your organization will ever make.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

Share your thoughts with other customers: Create your own review

› See all 9 customer reviews...

Most Recent Customer Reviews

4.0 out of 5 stars Learn How to Avoid Security Breaches with This Guide on InfoSec Awareness
There is one individual who always has our security and privacy interests first and foremost: Rebecca Herold. Read more

Published 7 months ago by Debbie L

5.0 out of 5 stars A MUST read!!
Rebecca Herold is one of the leading authorities and experts on privacy and information security awareness training. Read more

Published 10 months ago by Keith Mattox

5.0 out of 5 stars Great resource for any information security awareness program
This book is a must-read for anyone building an information security awareness program. Ms. Herold lays out a fantastic game plan for security awareness for not only the sake of... Read more

Published 12 months ago by L. Brennan

5.0 out of 5 stars A Definitive Roadmap to building a credible and sustainable Information Security and Privacy Awareness and Training Program
In this work, Rebecca Herold deftly lays out a framework that is easy to follow and comprehensive. She has skilfully managed to compile material that would otherwise take a... Read more

Published on April 25, 2008 by Randolph J Waugh, I.S.P. ITILF...

4.0 out of 5 stars Good, but too long
I am not a friend nor acquaintance of Ms. Herold. I believe this is a good book on Awareness Training and would recommend it to professionals in that field and to security... Read more

Published on January 14, 2006 by F. Scholl

5.0 out of 5 stars Indispensable
Rebecca Herold introduces her own book very eloquently: "I wrote this book to provide a starting point and an all-in-one resource for information security and privacy education... Read more

Published on January 1, 2006 by Dr. G. Hinson

› See all 9 customer reviews...

Inside This Book (learn more)

First Sentence:
It is worthwhile to take a brief look at workplace training and awareness history. Read the first page

Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
effectiveness evaluation framework, job appraisal process, customer privacy issues, evaluation average rating, privacy incidents, awareness logos, privacy champions, privacy training, privacy awareness, customer privacy policies, privacy newsletters, obtain executive sponsorship, privacy icon, privacy manager, daily job responsibilities, privacy efforts, privacy activities, privacy objectives, security awareness program, privacy topics, privacy education, corporate information security, privacy roles, privacy goals, information security awareness

Key Phrases - Capitalized Phrases (CAPs): (learn more)
Data Collection Method, Instruments Data Sources, Computer Security Institute, Melissa Guenther, Awareness Example, Training Example, Broad Program Objective, Privacy Act, Special Publication, Demographic Information, Evaluate Education Effectiveness, International Computer Security Day, Size Delivery Method, Common Corporate Education Mistakes, False Question, Knowledge Generation, Ponemon Institute, Today's Date

New!
Books on Related Topics | Concordance | Text Stats

Citations (learn more)

This book cites 25 books:

Critical Incident Management by Alan B. Sterneckert in Front Matter
Data Protection (Miscellaneous Subject Access Exemptions)(Amendment) by The Home Office on page 488
Public Key Infrastructure: Building Trusted Applications and Web Services by John R. Vacca in Front Matter
FIGHTING COMPUTER CRIME by Timothy Parker on page 472
Developing Trust: Online Privacy and Security by Matt Curtin on page 472

See all 25 books this book cites

9 books cite this book:

Organizational Crisis Management: The Human Factor by Gerald Lewis in Front Matter
Information Security: Design, Implementation, Measurement, and Compliance by Timothy P. Layton in Front Matter
Securing Converged IP Networks by Tyson Macaulay in Front Matter
Audit and Trace Log Management: Consolidation and Analysis by Phillip Q. Maier in Front Matter
The Complete Guide for CPP Examination Preparation by James P. Muuss CPP in Front Matter

See all 9 books citing this book

Books on Related Topics (learn more)

Microsoft Windows Security Resource Kit by Brian Komar

Discusses:

Security Architecture by Christopher M. King

Discusses:

Inside Network Security Assessment by Michael Gregg

Discusses:

The Practical Guide to HIPAA Privacy and Security Compliance by Kevin Beaver

Discusses:

What Other Items Do Customers Buy After Viewing This Item?

Cyber Within: A Security Awareness Story and Guide for Employees (Cyber Crime & Fraud Prevention) by Marcos Christodonte II Paperback
4.5 out of 5 stars (4)

$7.95

IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data by Lance Hayden Paperback
5.0 out of 5 stars (4)

$27.08

The Privacy Papers: Managing Technology, Consumer, Employee and Legislative Actions by Rebecca Herold Hardcover
4.5 out of 5 stars (2)

$124.95

Computer Security: 20 Things Every Employee Should Know (McGraw-Hill Professional Education) by Ben Rothke Paperback
4.7 out of 5 stars (23)

$6.62

› Explore similar items

Tags Customers Associate with This Product

(What's this?)

Click on a tag to find related items, discussions, and people.

awareness(1)

it(1)

security(1)

security awareness(1)

training(1)

Agree with these tags?

See all 6 tags...

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

Customer Discussions

This product's forum

Discussion	Replies	Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Receive e-mail when new posts are made

Prompts for sign-in

Guidelines

Active discussions in related forums

Discussion	Replies	Latest Post
Textbook forum Never buy school textbooks. Download them to your reading device or computer	4	1 day ago
Textbook forum Textbook Buyback	4	2 days ago
Textbook forum the book have the student access code?	0	2 days ago
Textbook forum Never Again	35	6 days ago
Textbook forum I just received a "very good" textbook without its disc - what are your thoughts?	168	17 days ago