Managing Risk in Information Systems, Second Edition

Author(s): Darril Gibson
  • ISBN-13: 9781284055955
  • Paperback    462 pages      © 2015
Price: $99.95 US List

Case Study Labs are now available on Navigate 2! Bundles and Lab Access are available on the Ordering Options tab. For questions about ordering this title, please contact

Revised and updated with the latest data in the field, the Second Edition of Managing Risk in Information Systems provides a comprehensive overview of the SSCP® Risk, Response, and Recovery Domain, as well as a thorough overview of risk management and its implications for IT infrastructures and compliance. Written by industry experts, and using a wealth of examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk.

Part of the Jones & Bartlett Learning Information Systems Security & Assurance Series!

Features & Benefits

  • Provides a modern and comprehensive view of information security policies and frameworks
  • Examines the technical knowledge and software skills required for policy implementation
  • Explores the creation of an effective IT security policy framework
  • Discusses the latest governance, regulatory mandates, business drivers, legal considerations, and much more

Applicable Courses

Ideal for use in Information Security courses or programs.

Chapter 1: Risk Management Fundamentals  
Chapter 2: Managing Risk: Threats, Vulnerabilities, and Exploits  
Chapter 3: Maintaining Compliance  
Chapter 4: Developing a Risk Management Plan  
Chapter 5: Defining Risk Assessment Approaches  
Chapter 6: Performing a Risk Assessment  
Chapter 7: Identifying Assets and Activities to be Protected  
Chapter 8: Identifying and Analyzing Threats, Vulnerabilities, and Exploits  
Chapter 9: Identifying and Analyzing Risk Mitigation Security Controls  
Chapter 10: Planning Risk Mitigation Throughout the Organization  
Chapter 11: Turning Your Risk Assessment into a Risk Mitigation Plan  
Chapter 12: Mitigating Risk with a Business Impact Analysis  
Chapter 13: Mitigating Risk with a Business Continuity Plan  
Chapter 14: Mitigating Risk with a Disaster Recovery Plan  
Chapter 15: Mitigating Risk with a Computer Incident Response Team Plan  

Darril Gibson

Darril Gibson is an IT trainer who regularly teaches security topics to Air Force personnel. An adjunct professor, he has written or co-authored several IT books, including CompTIA Security+: Get Certified Get Ahead and Mastering Windows Server 2008 R2. He has also created training videos on multiple topics for Keystone Learning. Mr. Gibson holds numerous certifications, including (ISC)² CISSP and CompTIA Security+. He has also been a Microsoft Certified Trainer since 1999.

The following instructor resources are available to qualified instructors for download

Additional Resources for Instructors
Answers to Lab Exercises
BlackBoard ready Test Bank
Moodle ready Test Bank
Project Answers
Test Bank

Print Bundle

Bundle ISBN: 9781284143478
Print Textbook & Case Study Lab Access. Please confirm the ISBNs used in your course with your instructor before placing your order. Your institution may use a custom integration or access portal that requires a specialized access code.

E-Book Bundle

Bundle ISBN: 9781284143430
VitalSource E-Book & Case Study Lab Access - printed access cards, fulfilled via FedEx. For electronic delivery, please purchase your bundle from the VitalSource Store:

Case Study Lab Access

Bundle ISBN: 9781284430103
Standalone Case Study Lab Access on Navigate 2 - fulfilled via e-mail. Please confirm the ISBNs used in your course with your instructor before placing your order. Your institution may use a custom integration or access portal that requires a specialized access code.