Pompon, Raymond
IT Security Risk Control Management
Part I. Getting a Handle on Things
1. Why Audit?
Raymond Pompon
2. Assume Breach
Raymond Pompon
3. Risk Analysis: Assets and Impacts
Raymond Pompon
4. Risk Analysis: Natural Threats
Raymond Pompon
5. Risk Analysis: Adversarial Risk
Raymond Pompon
Part II. Wrangling the Organization
6. Scope
Raymond Pompon
7. Governance
Raymond Pompon
8. Talking to the Suits
Raymond Pompon
9. Talking to the Techs
Raymond Pompon
10. Talking to the Users
Raymond Pompon
Part III. Managing Risk with Controls
11. Policy
Raymond Pompon
12. Control Design
Raymond Pompon
13. Administrative Controls
Raymond Pompon
14. Vulnerability Management
Raymond Pompon
15. People Controls
Raymond Pompon
16. Logical Access Control
Raymond Pompon
17. Network Security
Raymond Pompon
18. More Technical Controls
Raymond Pompon
19. Physical Security Controls
Raymond Pompon
20. Response Controls
Raymond Pompon
Part IV. Being Audited
21. Starting the Audit
Raymond Pompon
22. Internal Audit
Raymond Pompon
23. Third-Party Security
Raymond Pompon
24. Post Audit Improvement
Raymond Pompon
Keywords: Computer Science, Security, Systems and Data Security, Information Systems Applications (incl. Internet)
- Author(s)
- Pompon, Raymond
- Publisher
- Springer
- Publication year
- 2016
- Language
- en
- Edition
- 1
- Page amount
- 31 pages
- Category
- Information Technology, Telecommunications
- Format
- Ebook
- eISBN (PDF)
- 9781484221402
- Printed ISBN
- 978-1-4842-2139-6
