| LIBRARY OF CONGRESS CONTROL NUMBER |
|---|
| LC control number |
2015050140 |
| INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781498740548 |
| DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Call number |
005.8 |
| MAIN ENTRY--PERSONAL NAME |
|---|
| Authors |
Kohnke, Anne |
| TITLE STATEMENT |
|---|
| Title |
The complete guide to cybersecurity risks and controls |
| Statement of responsibility, etc |
Anne Kohnke, Dan Shoemaker, Ken Sigler |
| PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
|---|
| Place of publication |
Boca Raton, FL : |
| Publisher |
CRC Press, |
| Date |
c2016. |
| PHYSICAL DESCRIPTION |
|---|
| Extent |
xv, 326 p. : |
| Other Details |
ill. ; |
| Size |
24 cm. |
| SERIES STATEMENT |
|---|
| Series statement |
Internal audit and IT audit |
| CONTENTS |
|---|
| Contents |
1. Why cybersecurity management is important -- 2. Control-based information governance, what it is and how it works -- 3. A survey of control frameworks, general structure, and application -- 4. What are controls and why are they important? -- 5. Implementing a multitiered governance and control framework in a business -- 6. Risk management and prioritization using a control perspective -- 7. Control formulation and implementation process -- 8. Security control validation and verification -- 9. Control framework sustainment and security of operations. |
| SUMMARY |
|---|
| Summary |
The Complete Guide to Cybersecurity Risks and Controls presents the fundamental concepts of information and communication technology (ICT) governance and control. In this book, you will learn how to create a working, practical control structure that will ensure the ongoing, day-to-day trustworthiness of ICT systems and data. The book explains how to establish systematic control functions and timely reporting procedures within a standard organizational framework and how to build auditable trust into the routine assurance of ICT operations. The book is based on the belief that ICT operation is a strategic governance issue rather than a technical concern. With the exponential growth of security breaches and the increasing dependency on external business partners to achieve organizational success, the effective use of ICT governance and enterprise-wide frameworks to guide the implementation of integrated security controls are critical in order to mitigate data theft. Surprisingly, many organizations do not have formal processes or policies to protect their assets from internal or external threats. The ICT governance and control process establishes a complete and correct set of managerial and technical control behaviors that ensures reliable monitoring and control of ICT operations. The body of knowledge for doing that is explained in this text. This body of knowledge process applies to all operational aspects of ICT responsibilities ranging from upper management policy making and planning, all the way down to basic technology operation. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical Heading |
Computer security |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical Heading |
Computer networks |
| General |
Security measures |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical Heading |
Information technology |
| General |
Security measures |
| ADDED ENTRY |
|---|
| Name |
Shoemaker, Dan |
| ADDED ENTRY |
|---|
| Name |
Sigler, Kenneth |
| ELECTRONIC LOCATION AND ACCESS |
|---|
| Uniform Resource Identifier |
https://uowd.box.com/s/txqrjlyxzuknfqfmikirkc6zqx0e9ip8 |
| Public note |
Location Map |
| MAIN ENTRY--PERSONAL NAME |
|---|
| -- |
38696 |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| -- |
641 |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| -- |
2602 |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| -- |
14841 |
| ADDED ENTRY |
|---|
| -- |
38697 |
| ADDED ENTRY |
|---|
| -- |
38698 |