• List Price: $79.95
  • Save: $56.19 (70%)
Rented from apex_media
To Rent, select Shipping State from options above
Due Date: May 28, 2015
FREE return shipping at the end of the semester. Access codes and supplements are not guaranteed with rentals.
Used: Good | Details
Sold by RentU
Condition: Used: Good
Comment: Fast shipping from Amazon! Qualifies for Prime Shipping and FREE standard shipping for orders over $35. Overnight, 2 day and International shipping available! Excellent Customer Service.. May not include supplements such as CD, access code or DVD.
Access codes and supplements are not guaranteed with used items.
Qty:1
  • List Price: $79.95
  • Save: $4.00 (5%)
Only 6 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Sell yours for a Gift Card
We'll buy it for $2.81
Learn More
Trade in now
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Managing an Information Security and Privacy Awareness and Training Program, Second Edition Hardcover – August 24, 2010

ISBN-13: 978-1439815458 ISBN-10: 1439815453 Edition: 2nd

Buy New
Price: $75.95
Rent
Price: $23.76
30 New from $53.23 13 Used from $58.29
Rent from Amazon Price New from Used from
Kindle
"Please retry"
$27.98
Hardcover
"Please retry"
$23.76
$75.95
$53.23 $58.29
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Frequently Bought Together

Managing an Information Security and Privacy Awareness and Training Program, Second Edition + Assessing and Managing Security Risk in IT Systems: A Structured Methodology + Information Security Risk Analysis, Third Edition
Price for all three: $202.32

Buy the selected items together
NO_CONTENT_IN_FEATURE
Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Hardcover: 568 pages
  • Publisher: CRC Press; 2 edition (August 24, 2010)
  • Language: English
  • ISBN-10: 1439815453
  • ISBN-13: 978-1439815458
  • Product Dimensions: 6.1 x 1.2 x 9.2 inches
  • Shipping Weight: 2.1 pounds (View shipping rates and policies)
  • Average Customer Review: 4.8 out of 5 stars  See all reviews (9 customer reviews)
  • Amazon Best Sellers Rank: #1,345,268 in Books (See Top 100 in Books)

Editorial Reviews

Review

The first edition was outstanding. The new second edition is even better - an excellent textbook packed with sound advice and loads of tips to make your security awareness program pull its weight.… engaging and stimulating, easy to read yet at the same time thought-provoking. … chock-full of good ideas, not just theoretical concepts but solid practical advice that can be put to use immediately. A side effect is that there are lots of lists, tables and bullet points but they are well structured and succinctly summarize the key points. …an excellent reference text. Extensive appendices (130 pages) include sample awareness materials and plans, a security glossary, various checklist/questionnaires and references. This is the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly.
—NoticeBored.com

This book is remarkable because it covers in detail all the facets of providing effective security awareness training…I can, without reservation, recommend use of this book to any organization faced with the need to develop a successful training and awareness program. It surely provides everything you need to know to create a real winner.
—Hal Tipton, from the Foreword

Rebecca Herold has the answers in her definitive book on everything everybody needs to know about how to impart security awareness, training, and motivation. Motivation had been missing from the information security lexicon until Herold put it there in most thorough and effective ways … She demonstrates that security must become a part of job performance rather than being in conflict with job performance… The power of this book also lies in applying real education theory, methods, and practice to teaching security awareness and training … After reading this book, there is no question about the necessary and important roles of security awareness, training, and motivation.
—Donn B. Parker, CISSP, from the Preface

Rebecca Herold, an independent computer security advisor, knows privacy. Not all security consultants do. In her latest book, Managing an Information Security and Privacy Awareness and Training Program, Herold has collected her best advice.
—Privacy Journal

… perfect for lay and professional audiences, this is a guide not for implementing technical necessities but for getting everybody in an organization on board.
—Journal of Productive Innovation

From the Back Cover

"Rebecca Herold has the answers in her definitive book on everything everybody needs to know about how to impart security awareness, training, and motivation. Motivation had been missing from the information security lexicon until Herold put it there in most thorough and effective ways … She demonstrates that security must become a part of job performance rather than being in conflict with job performance … "The power of this book also lies in applying real education theory, methods, and practice to teaching security awareness and training … After reading this book, there is no question about the necessary and important roles of security awareness, training, and motivation." —Donn B. Parker, CISSP, from the Preface

"This book is remarkable because it covers in detail all the facets of providing effective security awareness training…I can, without reservation, recommend use of this book to any organization faced with the need to develop a successful training and awareness program. It surely provides everything you need to know to create a real winner." —Hal Tipton, from the Foreword

Features: • Provides a starting point and an all-in-one resource for information security and privacy education practitioners • Justifies the importance of training and awareness, emphasizing legal and regulatory requirements • Contains examples of real education experiences and case studies for information security teaching • Includes 142 awareness materials and methods and 42 tips to trainers • Directs readers to multiple resources for more specialized information • Offers 22 appendices of sample forms, slide presentations, checklists of course content, and other resources that readers can apply to their own education program --This text refers to an out of print or unavailable edition of this title.


More About the Authors

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

4.8 out of 5 stars
5 star
7
4 star
2
3 star
0
2 star
0
1 star
0
See all 9 customer reviews
Although the book is comprehensive, it also serves as a useful quick reference.
Keith Mattox
I'll begin by saying that I have two broad comments about Ms. Herold's new book, Managing an Information Security and Privacy Awareness and Training Program.
Dr. Stephenson
The book is essential reading for more experienced information security professionals, especially those tasked with `doing awareness'.
Dr. G. Hinson

Most Helpful Customer Reviews

19 of 19 people found the following review helpful By Dr. Stephenson on July 24, 2005
Format: Hardcover
I'll begin by saying that I have two broad comments about Ms. Herold's new book, Managing an Information Security and Privacy Awareness and Training Program. First, it may be the definitive book on the topic and seems to have enough meat to be the definitive book on the practice of information security in general. It approaches the profession in the right way: people-oriented. That is rare and important. Second, I actually read it from cover to cover - a rare thing for me. Professional books usually find their ways to my reference library and are used mostly for that purpose, not for general reading.

In the over twenty years I have been in the information security profession I have seen a lot of approaches to managing the security of organizational information. There is one common thread that ties all of those approaches together. The successful ones address the people who use and manage that information. Technology simply is a collection of tools to assist the information assurance manager with the task. It has been said that there are management solutions to technical problems but no technical issues to management problems. Ms. Herold addresses this homily head-on and does it with style, personality and skill.

Her experience shows as does the commentary from two icons in our profession, Donn Parker and Hal Tipton. If you have any questions about whether you should buy this book, read their comments in the Preface and Forward.

I have known Becky for many years and I respect her skill, experience and ability to present important issues clearly, concisely and understandably. Her latest book does all that and more.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
6 of 6 people found the following review helpful By Ben Rothke on May 16, 2005
Format: Hardcover
Managing an Information Security and Privacy Awareness and Training Program is without a doubt the definitive reference on creating an information security awareness program

Behind most information security problems are users who are untrained in security or unaware of the security risks. Millions of dollars of firewalls and cryptography can be bypassed by an unaware end-user.

Managing an Information Security and Privacy Awareness and Training Program is a tremendous book that can be used as a foundation for an effective and comprehensive information security awareness program.

The book contains the fundamental and metrics of why you need an awareness program, and everything you need to set up such a program.

The book is filled with good and advice and direction. Chapter 14 contains 143 methods for effective awareness. The other chapters provide equally effective information and advice.

At 500 pages, this book contains everything you need to know about creating and setting up an effective awareness program and is highly recommended.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
6 of 6 people found the following review helpful By D. J. Lineman on August 28, 2007
Format: Hardcover Verified Purchase
If your organization is considering a security or privacy awareness program, this book will pay for itself many times over. I am not aware of any other resource that includes this much material about the art and science of awareness and training. Although this book is over 500 pages long, I found it easy to jump to specific chapters to get just the information I needed. The main chapters cover every aspect of program development including: planning, establishing a business case, budgeting, selling management, audience selection, material design and development, implementation, and measurement. Chapter 10 alone - which maps over 50 different awareness topics to various job roles - should save an organization thousands of dollars in program planning. And don't overlook the Appendices. Almost every sample form and worksheet you would need is available as an appendix. The assessment questionnaires alone should save dozens of hours of development. Definitely one of best security awareness investments your organization will ever make.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Hardcover
In this work, Rebecca Herold deftly lays out a framework that is easy to follow and comprehensive. She has skilfully managed to compile material that would otherwise take a significant amount of research, time and work to collect, and has created tools for the reader that are easily modified and transferred to any industry and indeed any country.

Ms. Herold consistently produces high quality written information centered around current and often complex subjects. The kernel of what she offers is the rare ability to present these topics as easy to understand and enjoyable to read.

As I live and work in Canada I was concerned that this book may be too centered on American laws and methodologies. I could not have been further off the mark. The methodology meticulously laid out by Ms. Herold could be applied in any country on the planet and ensure that whoever is following its plan is successful in their delivery.

In my 17+ years in Information engineering, security and education I have only kept a handful of texts on my bookshelf. This will be one of them.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 3 people found the following review helpful By L. Brennan on January 25, 2011
Format: Hardcover Verified Purchase
This book is a must-read for anyone building an information security awareness program. Ms. Herold lays out a fantastic game plan for security awareness for not only the sake of information security, but to meet regulatory compliance as well. For me, this book was used as a reference guide. When I was tasked with developing and improving upon an already existing security awareness program, I used many tactics right from this book. The concept of measuring the effectiveness of the program throughout is woven throughout this book. Being able to show the effectiveness of an information security awareness program is important in the best of times, but as budgets shrink metrics become absolutely critical.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again