Security Policies and Implementation Issues

Author(s): Robert Johnson, Mark Merkow
Details:
  • ISBN-13: 9780763791322
  • Paperback, 438 pages, © 2011
Price: International Sales $89.95 US List

Overview

PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES!

The study of information system security concepts and domains is an essential part of the education of computer science students and professionals alike. Security Policies and Implementation Issues offers a comprehensive, end-to-end view of information security policies and frameworks, from the raw organizational mechanics of building to the psychology of implementation. It presents an effective balance between technical knowledge and soft skills, and introduces many different concepts of information security, such as governance, regulator mandates, business drivers, legal considerations, and much more, in clear, simple terms. With step-by-step examples and real-world exercises, this book is a must-have resource for students, security officers, auditors, and risk leaders looking to fully understand the process of implementing successful sets of security policies and frameworks.

Instructor Materials for Security Policies and Implementation Issues include:

  • PowerPoint Lecture Slides
  • Instructor's Guide
  • Sample Course Syllabus
  • Quiz & Exam Questions
  • Case Scenarios/Handouts

About the Series
This book is part of the Information Systems Security and Assurance Series from Jones and Bartlett Learning. Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information-security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking, putting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow, as well.

Key Features

  • Offers a comprehensive, end-to-end view of information security policies and frameworks
  • Addresses the technical knowledge and soft skills required for policy implementation
  • Covers governance, regulator mandates, business drivers, legal considerations, and much more
  • Provides an excellent starting point for the creation of an IT security policy framework


Table of Contents

Part 1: The Need for IT Security Policy Frameworks
  Chapter 1: Governance and Information Security Policy Management
  Chapter 2: Business Drivers for Information Security Policies
  Chapter 3: U.S. Compliance Laws and Information Security Policy Requirements
  Chapter 4: Business Challenges Within the Seven Domains of IT Responsibility
  Chapter 5: Information Security Policy Implementation Issues
Part 2: Types of Policies and Appropriate Frameworks
  Chapter 6: IT Security Policy Frameworks
  Chapter 7: How to Design, Organize, Implement, and Maintain IT Security Policies
  Chapter 8: IT Security Policy Framework Approaches
  Chapter 9: User Domain Policies
  Chapter 10: IT Infrastructure Security Policies
  Chapter 11: Data Classification and Handling Policies and Risk Management Policies
  Chapter 12: Incident Response Team (IRT) Policies
Part 3: Implementing and Maintaining an IT Security Policy Framework
  Chapter 13: IT Security Policy Implementations
  Chapter 14: IT Security Policy Enforcement
  Chapter 15: IT Policy Compliance Systems and Emerging Technologies

About the Author(s)

Robert Johnson

Robert Johnson (CISA, CGEIT, CISM, CISSP) has 20 years of experience dealing with all aspects of information security, IT audit, risk management, and privacy compliance. His diverse background includes hands-on operational experience as well as providing strategic risk assessment and scoring for leadership and board-level audiences. Currently he works in the security risk management division of a large financial services insurance company. Previously he worked as a first vice president and IT audit and security advisory director at Washington Mutual (JP Morgan Chase).

Mark Merkow

Mark Merkow (CISSP, CISM, CSSLP) works at PayPal Inc. (an eBay company) in Scottsdale, Arizona, as manager of security consulting and IT security strategy in the Information Risk Management area. He has more than 35 years of experience in information technology from a variety of roles, including applications development, systems analysis and design, security engineer, and security manager. He’s the author of nine books, including Secure and Resilient Software Development (Auerbach Publications, 2010). He’s also served as a contributing editor for a number of publications, and is a member of numerous professional associations, including chairman of the Financial Services Information Sharing and Analysis Center Education Committee.


Appropriate Courses

Written for IT students and professionals hoping to gain knowledge in security policies and information security systems.

