Managing Risk in Information Systems, Second Edition

Author(s): Darril Gibson
  • ISBN-13: 9781284055955
  • Paperback, 462 pages, © 2015
Price: $99.95 US List

The Case Study Labs for this title are being moved to Navigate 2, and will be released on August 1st, 2017. If you are enrolling in a Fall 2017 course that requires access to the online Case Study Labs, please wait until after 8/1 to purchase your materials.

Revised and updated with the latest data in the field, the Second Edition of Managing Risk in Information Systems provides a comprehensive overview of the SSCP® Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance. Written by industry experts, and using a wealth of examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk.

Part of the Jones & Bartlett Learning Information Systems Security & Assurance Series!

Features & Benefits

  • Provides a modern and comprehensive view of information security policies and frameworks
  • Examines the technical knowledge and software skills required for policy implementation
  • Explores the creation of an effective IT security policy framework
  • Discusses the latest governance, regulatory mandates, business drivers, legal considerations, and much more

Applicable Courses

Ideal for use in Information Security courses or programs.

Chapter  1: Risk Management Fundamentals  
Chapter  2: Managing Risk: Threats, Vulnerabilities, and Exploits  
Chapter  3: Maintaining Compliance  
Chapter  4: Developing a Risk Management Plan  
Chapter  5: Defining Risk Assessment Approaches  
Chapter  6: Performing a Risk Assessment  
Chapter  7: Identifying Assets and Activities to be Protected  
Chapter  8: Identifying and Analyzing Threats, Vulnerabilities, and Exploits  
Chapter  9: Identifying and Analyzing Risk Mitigation Security Controls  
Chapter  10: Planning Risk Mitigation Throughout the Organization  
Chapter  11: Turning Your Risk Assessment into a Risk Mitigation Plan  
Chapter  12: Mitigating Risk with a Business Impact Analysis  
Chapter  13: Mitigating Risk with a Business Continuity Plan  
Chapter  14: Mitigating Risk with a Disaster Recovery Plan  
Chapter  15: Mitigating Risk with a Computer Incident Response Team Plan  

Darril Gibson

Darril Gibson is an IT trainer who regularly teaches security topics to Air Force personnel. An adjunct professor, he has written or co-authored several IT books, including CompTIA Security+: Get Certified Get Ahead and Mastering Windows Server 2008 R2. He has also created training videos on multiple topics for Keystone Learning. Mr. Gibson holds numerous certifications, including (ISC)² CISSP and CompTIA Security+. He has also been a Microsoft Certified Trainer since 1999.

The following instructor resources are available to qualified instructors for download

Additional Resources for Instructors
Answers to Lab Exercises
BlackBoard ready Test Bank
Moodle ready Test Bank
Project Answers
Test Bank