| 000 | 01970cam a2200265 a 4500 | ||
|---|---|---|---|
| 008 | 090409s2005 flua b 001 0 eng | ||
| 010 | _a2004062725 | ||
| 020 | _a9780849333460 | ||
| 035 | _a(Sirsi) u1354 | ||
| 040 |
_aEG-CaNU _cEG-CaNU _dEG-CaNU |
||
| 082 | 0 | 0 |
_a005.8 _2 22 |
| 100 | 1 |
_aPeltier, Thomas R. _91361 |
|
| 245 | 1 | 0 |
_aInformation security risk analysis / _c Thomas R. Peltier. |
| 250 | _a2nd ed. | ||
| 260 |
_aBoca Raton : _b Auerbach Publications, _c 2005. |
||
| 300 |
_axvi, 344 p. : _b ill. ; _c 24 cm. |
||
| 504 | _aIncludes bibliographical references and index. | ||
| 520 | _aInformation Security Risk Analysis, Second Edition enables CIOs, CSOs, and MIS managers to understand when, why, and how risk assessments and analyses can be conducted effectively. This book discusses the principle of risk management and its three key elements: risk analysis, risk assessment, and vulnerability assessment. It examines the differences between quantitative and qualitative risk assessment, and details how various types of qualitative risk assessment can be applied to the assessment process. The text offers a thorough discussion of recent changes to FRAAP and the need to develop a pre-screening method for risk assessment and business impact analysis. | ||
| 520 | _aUsing the PARA (Practical Application of Risk Analysis) process, this book examines the qualitative risk analysis process and then provides tested variations on the methodology that will allow any organization to implement risk management techniques that will prove to be cost effective. The PARA process can be used by any organization that needs to determine what direction the organization must take on a specific issue. | ||
| 650 | 0 |
_acomputer security. _91362 |
|
| 650 | 0 |
_aComputer networks _x Security measures. _91363 |
|
| 650 | 0 |
_aRisk assessment. _9948 |
|
| 596 | _a1 | ||
| 999 |
_c394 _d394 |
||