Information Risk Management : A practitioner's guide.
(eBook)

Published
Swindon : BCS Learning & Development Limited, 2021.
Format
eBook
Edition
2nd ed.
ISBN
9781780175744
Physical Desc
1 online resource (240 pages)

More Details

Language
English

Notes

Description
Information risk management (IRM) is about identifying, assessing, prioritising and treating risks to keep information secure and available. This book provides practical guidance to the principles and development of a strategic approach to an IRM programme. The only textbook for the BCS Practitioner Certificate in Information Risk Management.
Local note
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2023. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.

Citations

APA Citation, 7th Edition (style guide)

Sutton, D. (2021). Information Risk Management: A practitioner's guide (2nd ed.). BCS Learning & Development Limited.

Chicago / Turabian - Author Date Citation, 17th Edition (style guide)

Sutton, David. 2021. Information Risk Management: A Practitioner's Guide. Swindon: BCS Learning & Development Limited.

Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition (style guide)

Sutton, David. Information Risk Management: A Practitioner's Guide. Swindon: BCS Learning & Development Limited, 2021.

Harvard Citation (style guide)

Sutton, D. (2021). Information risk management: a practitioner's guide. 2nd ed. Swindon: BCS Learning & Development Limited.

MLA Citation, 9th Edition (style guide)

Sutton, David. Information Risk Management: A Practitioner's Guide. 2nd ed., BCS Learning & Development Limited, 2021.

Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.

Staff View

Grouping Information

Grouped Work ID: 4cbc2309-e911-0a08-8e92-fa1226cc90a0-eng
Full title: information risk management a practitioners guide
Author: sutton david
Grouping Category: book
Last Update: 2023-03-28 17:59:37PM
Last Indexed: 2025-04-30 02:02:34AM

Book Cover Information

Image Source: ebrary
First Loaded: Aug 23, 2023
Last Used: Jun 24, 2025

Marc Record

First Detected: Mar 28, 2023 06:06:49 PM
Last File Modification Time: Mar 28, 2023 06:06:49 PM

MARC Record

LEADER05548nam a22004213i 4500
001EBC6733537
003MiAaPQ
00520230328122125.0
006m     o  d |      
007cr cnu||||||||
008230328s2021    xx      o     ||||0 eng d
020 |a 9781780175744|q (electronic bk.)
020 |z 9781780175720
035 |a (MiAaPQ)EBC6733537
035 |a (Au-PeEL)EBL6733537
035 |a (OCoLC)1272992512
040 |a MiAaPQ|b eng|e rda|e pn|c MiAaPQ|d MiAaPQ
050 4|a HD30.2 .S888 2021
0820 |a 658.4038
1001 |a Sutton, David.
24510|a Information Risk Management :|b A practitioner's guide.
250 |a 2nd ed.
264 1|a Swindon :|b BCS Learning & Development Limited,|c 2021.
264 4|c ©2021.
300 |a 1 online resource (240 pages)
336 |a text|b txt|2 rdacontent
337 |a computer|b c|2 rdamedia
338 |a online resource|b cr|2 rdacarrier
5050 |a Cover -- CONTENTS -- LIST OF FIGURES AND TABLES -- AUTHOR -- OTHER WORKS BY THE AUTHOR -- ACKNOWLEDGEMENTS -- ABBREVIATIONS -- PREFACE -- 1. THE NEED FOR INFORMATION RISK MANAGEMENT -- WHAT IS INFORMATION? -- WHO SHOULD USE INFORMATION RISK MANAGEMENT? -- THE LEGAL FRAMEWORK -- THE CONTEXT OF RISK IN THE ORGANISATION -- HOT TOPICS TO CONSIDER IN INFORMATION RISK MANAGEMENT -- THE BENEFITS OF TAKING ACCOUNT OF INFORMATION RISK -- OVERVIEW OF THE INFORMATION RISK MANAGEMENT PROCESS -- SUMMARY -- 2. REVIEW OF INFORMATION SECURITY FUNDAMENTALS -- INFORMATION CLASSIFICATION -- PLAN-DO-CHECK-ACT -- SUMMARY -- 3. THE INFORMATION RISK MANAGEMENT PROGRAMME -- GOALS, SCOPE AND OBJECTIVES -- ROLES AND RESPONSIBILITIES -- GOVERNANCE OF THE RISK MANAGEMENT PROGRAMME -- INFORMATION RISK MANAGEMENT CRITERIA -- SUMMARY -- 4. RISK IDENTIFICATION -- THE RISK IDENTIFICATION PROCESS -- THE APPROACH TO RISK IDENTIFICATION -- IMPACT ASSESSMENT -- SUMMARY -- 5. THREAT AND VULNERABILITY ASSESSMENT -- CONDUCTING THREAT ASSESSMENTS -- CONDUCTING VULNERABILITY ASSESSMENTS -- IDENTIFICATION OF EXISTING CONTROLS -- SUMMARY -- 6. RISK ANALYSIS AND RISK EVALUATION -- ASSESSMENT OF LIKELIHOOD -- RISK ANALYSIS -- RISK EVALUATION -- SUMMARY -- 7. RISK TREATMENT -- STRATEGIC RISK OPTIONS -- TACTICAL RISK MANAGEMENT CONTROLS -- OPERATIONAL RISK MANAGEMENT CONTROLS -- EXAMPLES OF CRITICAL CONTROLS AND CONTROL CATEGORIES -- SUMMARY -- 8. RISK REPORTING AND PRESENTATION -- BUSINESS CASES -- RISK TREATMENT DECISION-MAKING -- RISK TREATMENT PLANNING AND IMPLEMENTATION -- BUSINESS CONTINUITY AND DISASTER RECOVERY -- DISASTER RECOVERY FAILOVER TESTING -- SUMMARY -- 9. COMMUNICATION, CONSULTATION, MONITORING AND REVIEW -- SKILLS REQUIRED FOR AN INFORMATION RISK PROGRAMME MANAGER -- COMMUNICATION -- CONSULTATION -- RISK REVIEWS AND MONITORING -- SUMMARY.
5058 |a 10. THE NCSC CERTIFIED PROFESSIONAL SCHEME -- SFIA -- THE CIISEC SKILLS FRAMEWORK -- SUMMARY -- 11. HMG SECURITY-RELATED DOCUMENTS -- HMG SECURITY POLICY FRAMEWORK -- THE NATIONAL SECURITY STRATEGY -- CONTEST, THE UNITED KINGDOM'S STRATEGY FOR COUNTERING TERRORISM -- THE MINIMUM CYBER SECURITY STANDARD -- THE UK CYBER SECURITY STRATEGY 2016-2021 -- UK GOVERNMENT SECURITY CLASSIFICATIONS -- SUMMARY -- APPENDIX A - TAXONOMIES AND DESCRIPTIONS -- INFORMATION RISK -- TYPICAL IMPACTS OR CONSEQUENCES -- APPENDIX B - TYPICAL THREATS AND HAZARDS -- MALICIOUS INTRUSION (HACKING) -- ENVIRONMENTAL THREATS -- ERRORS AND FAILURES -- SOCIAL ENGINEERING -- MISUSE AND ABUSE -- PHYSICAL THREATS -- MALWARE -- APPENDIX C - TYPICAL VULNERABILITIES -- ACCESS CONTROL -- POOR PROCEDURES -- PHYSICAL AND ENVIRONMENTAL SECURITY -- COMMUNICATIONS AND OPERATIONS MANAGEMENT -- PEOPLE-RELATED SECURITY FAILURES -- APPENDIX D - INFORMATION RISK CONTROLS -- STRATEGIC CONTROLS -- TACTICAL CONTROLS -- OPERATIONAL CONTROLS -- THE CENTRE FOR INTERNET SECURITY CONTROLS VERSION 8 -- ISO/IEC 27001:2017 CONTROLS -- NIST SPECIAL PUBLICATION 800-53 REVISION 5 -- APPENDIX E - METHODOLOGIES, GUIDELINES AND TOOLS -- METHODOLOGIES -- OTHER GUIDELINES AND TOOLS -- APPENDIX F - TEMPLATES -- APPENDIX G - HMG CYBERSECURITY GUIDELINES -- HMG CYBER ESSENTIALS SCHEME -- 10 STEPS TO CYBER SECURITY -- APPENDIX H - REFERENCES AND FURTHER READING -- PRIMARY UK LEGISLATION -- GOOD PRACTICE GUIDELINES -- OTHER REFERENCE MATERIAL -- NCSC CERTIFIED PROFESSIONAL SCHEME -- OTHER UK GOVERNMENT PUBLICATIONS -- RISK MANAGEMENT METHODOLOGIES -- UK AND INTERNATIONAL STANDARDS -- APPENDIX I - DEFINITIONS, STANDARDS AND GLOSSARY OF TERMS -- DEFINITIONS AND GLOSSARY OF TERMS -- INFORMATION RISK MANAGEMENT STANDARDS -- INDEX -- Back cover.
520 |a Information risk management (IRM) is about identifying, assessing, prioritising and treating risks to keep information secure and available. This book provides practical guidance to the principles and development of a strategic approach to an IRM programme. The only textbook for the BCS Practitioner Certificate in Information Risk Management.
588 |a Description based on publisher supplied metadata and other sources.
590 |a Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2023. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
650 0|a Computer security.
655 4|a Electronic books.
77608|i Print version:|a Sutton, David|t Information Risk Management|d Swindon : BCS Learning & Development Limited,c2021|z 9781780175720
7972 |a ProQuest (Firm)
85640|u https://ebookcentral.proquest.com/lib/pit/detail.action?docID=6733537|z Click to View