
Management of Information Security (Print on Demand)

Author(s): Michael E. Whitman | Herbert J. Mattord

ISBN: 9788131531815

4th Edition

Copyright: 2014

India Release: 2016

₹1480

Binding: Paperback

Pages: 592

Trim Size: 254 x 203


MANAGEMENT OF INFORMATION SECURITY, Fourth Edition gives readers an overview of information security and assurance using both domestic and international standards, all from a management perspective. Beginning with the foundational and technical components of information security, this edition then focuses on access control models, information security governance, and information security program assessment and metrics. The Fourth Edition is revised and updated to reflect changes in the field, including the ISO 27000 series, so as to prepare readers to succeed in the workplace.

  • Covers key managerial areas in Information Security Governance, including access control models, program assessments, and metrics.
  • Features a running case study with group discussion questions to explore real-world security issues.
  • Includes “Viewpoint” essays that provide practical insights and real-world examples.
  • Reinforces learning with review questions, hands-on activities, and case projects in every chapter.
  • Provides up-to-date coverage of national and international standards, including the ISO 27000 series.
  • Fully aligns with the NICE cybersecurity education standards, with instructor support for curriculum mapping.
  • Enhances understanding of GRC, contingency planning, incident response, and policy management.
  • Offers in-depth discussion on control selection using the COBIT 5 framework.
  • Expands on security convergence, integrating physical and logical security programs.
  • Updates legal, regulatory, and ethical perspectives on information security.
  • Introduces “Ethical Dilemmas” at the end of each chapter to explore decision-making in context.

1. Introduction to Management of Information Security.

2. Planning for Security.

3. Planning for Contingencies.

4. Information Security Policy.

5. Developing the Security Program.

6. Security Management Models.

7. Security Management Practices.

8. Risk Management: Identifying and Assessing Risk.

9. Risk Management: Controlling Risk.

10. Protection Mechanisms.

11. Personnel and Security.

12. Law and Ethics.

Appendix A. NIST SP 800-26, Security Self-Assessment Guide for Information Technology Systems and ISO 27002 Questionnaire.

Appendix B. Risk Management Models.

Michael E. Whitman - Ph.D., CISM, CISSP

Michael Whitman, Ph.D., CISM, CISSP is a Professor of Information Security at Kennesaw State University, Kennesaw, Georgia, where he is also the Executive Director of the KSU/Coles College of Business Center for Information Security Education. 

Herbert J. Mattord - Ph.D., CISM, CISSP

Herbert Mattord, Ph.D., CISM, CISSP completed 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University, where he is Assistant Chair of the Department of Information Systems and Associate Professor in the Information Security and Assurance program.