Information security : (Record no. 42335)
[ view plain ]
| 000 -LEADER | |
|---|---|
| fixed length control field | 09714nam a2200829 i 4500 |
| 001 - CONTROL NUMBER | |
| control field | 5989138 |
| 003 - CONTROL NUMBER IDENTIFIER | |
| control field | IEEE |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20191218152121.0 |
| 006 - FIXED-LENGTH DATA ELEMENTS--ADDITIONAL MATERIAL CHARACTERISTICS | |
| fixed length control field | m o d |
| 007 - PHYSICAL DESCRIPTION FIXED FIELD--GENERAL INFORMATION | |
| fixed length control field | cr |n||||||||| |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 151221s2006 nju ob 001 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 9780471784340 |
| Qualifying information | electronic |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 0471784346 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| Canceled/invalid ISBN | 0471736120 |
| Qualifying information | paper |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| Canceled/invalid ISBN | 9780471736127 |
| Qualifying information | |
| 024 7# - OTHER STANDARD IDENTIFIER | |
| Standard number or code | 10.1109/9780471784340 |
| Source of number or code | doi |
| 035 ## - SYSTEM CONTROL NUMBER | |
| System control number | (CaBNVSL)mat05989138 |
| 035 ## - SYSTEM CONTROL NUMBER | |
| System control number | (IDAMS)0b000064816249a3 |
| 040 ## - CATALOGING SOURCE | |
| Original cataloging agency | CaBNVSL |
| Language of cataloging | eng |
| Description conventions | rda |
| Transcribing agency | CaBNVSL |
| Modifying agency | CaBNVSL |
| 050 #4 - LIBRARY OF CONGRESS CALL NUMBER | |
| Classification number | T58.6 |
| Item number | .L48 2006eb |
| 100 1# - MAIN ENTRY--PERSONAL NAME | |
| Personal name | LeVeque, Vincent, |
| Relator term | author. |
| 245 10 - TITLE STATEMENT | |
| Title | Information security : |
| Remainder of title | a strategic approach / |
| Statement of responsibility, etc. | Vincent LeVeque. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE | |
| Place of production, publication, distribution, manufacture | [Hoboken, New Jersey] : |
| Name of producer, publisher, distributor, manufacturer | Wiley, |
| Date of production, publication, distribution, manufacture, or copyright notice | c2006 |
| 264 #2 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE | |
| Place of production, publication, distribution, manufacture | [Piscataqay, New Jersey] : |
| Name of producer, publisher, distributor, manufacturer | IEEE Xplore, |
| Date of production, publication, distribution, manufacture, or copyright notice | [2006] |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | 1 PDF (1 v.). |
| 336 ## - CONTENT TYPE | |
| Content type term | text |
| Source | rdacontent |
| 337 ## - MEDIA TYPE | |
| Media type term | electronic |
| Source | isbdmedia |
| 338 ## - CARRIER TYPE | |
| Carrier type term | online resource |
| Source | rdacarrier |
| 490 1# - SERIES STATEMENT | |
| Series statement | Practitioners ; |
| Volume/sequential designation | 11 |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE | |
| Bibliography, etc. note | Includes bibliographical references. |
| 505 0# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | List of Figures -- Preface -- 1. Introduction -- Strategy Overview -- Strategy and Information Technology -- Strategy and Information Security -- An Information Security Strategic Planning Methodology -- The Business Environment -- Information Value -- Risk -- The Strategic Planning Process -- The Technology Plan -- The Management Plan -- Theory and Practice -- 2. Developing an Information Security Strategy -- Overview -- An Information Security Strategy Development Methodology -- Strategy Prerequisites -- Research Sources -- Preliminary Development -- Formal Project Introduction -- Fact Finding -- General Background Information -- Documentation Review -- Interviews -- Surveys -- Research Sources -- Analysis Methods -- Strengths, Weaknesses, Opportunities, and Threats -- Business Systems Planning -- Life-Cycle Methods -- Critical Success Factors -- Economic Analysis -- Risk Analysis -- Benchmarks and Best Practices -- Compliance Requirements -- Analysis Focus Areas -- Industry Environment -- Organizational Mission and Goals -- Executive Governance -- Management Systems and Controls -- Information Technology Management -- Information Technology Architecture -- Security Management -- Draft Plan Presentation -- Final Plan Presentation -- Options for Plan Development -- A Plan Outline -- Selling the Strategy -- Plan Maintenance -- The Security Assessment and the Security Strategy -- Strategy Implementation: -- What is a Tactical Plan? -- Converting Strategic goals to Tactical Plans -- Turning Tactical Planning Outcomes into Ongoing Operations -- Key Points -- Plan Outline -- 3. The Technology Strategy -- Thinking About Technology -- Planning Technology Implementation -- Technology Forecasting -- Some Basic Advice -- Technology Life-Cycle Models -- Technology Solution Evaluation -- Role of Analysts -- Technology Strategy Components: -- The Security Strategy Technical Architecture -- Leveraging Existing Vendors -- Legacy Technology -- The Management Dimension -- Overall Technical Design. |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | The Logical Technology Architecture -- Specific Technical Components -- Servers -- Network Zones -- External Network Connections -- Desktop Systems -- Applications and DBMS -- Portable Computing Devices -- Telephone Systems -- Control Devices -- Intelligent Peripherals -- Facility Security Systems -- Security Management Systems -- Key Points -- 4. The Management Strategy -- Control Systems -- Control Systems and the Information Security Strategy -- Governance -- Ensuring IT Governance -- IT Governance Models -- Current Issues in Governance -- Control Objectives for Information and Related Technology (CobiT) -- IT Balanced Scorecard -- Governance in Information Security -- End-User Role -- An IT Management Model for Information Security -- Policies, Procedures, and Standards -- Assigning Information Security Responsibilities -- To Whom Should Information Security Report? -- Executive Roles -- Organizational Interfaces -- Information Security Staff Structure -- Staffing and Funding Levels -- Managing Vendors -- Organizational Culture and Legitimacy -- Training and Awareness -- Key Points -- 5. Case Studies -- Case Study 1-Singles Opportunity Services -- Background -- Developing the Strategic Plan -- Information Value Analysis -- Risk Analysis -- Technology Strategy -- Management Strategy -- Implementation -- Case Study 2-Rancho Nachos Mosquito Abatement District -- Background -- Developing the Strategic Plan -- Information Value Analysis -- Risk Analysis -- Technology Strategy -- Management Strategy -- Implementation -- Key Points -- 6. Business and IT Strategy: -- Introduction -- Strategy and Systems of Management -- Business Strategy Models -- Boston Consulting Group Business Matrix -- Michael Porter-Competitive Advantage -- Business Process Reengineering -- The Strategy of No Strategy -- IT Strategy -- Nolan/Gibson Stages of Growth -- Information Engineering -- Rockart's Critical Success Factors -- IBM Business System Planning (BSP) -- So is IT really (3z(Bstrategic(3y(B?. |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | IT Strategy and Information Security Strategy -- Key Points -- 7. Information Economics -- Concepts of Information Protection -- Information Ownership -- From Ownership to Asset -- Information Economics and Information Security -- Basic Economic Principles -- Why is Information Economics Difficult? -- Information Value-Reducing Uncertainty -- Information Value-Improved Business Processes -- Information Security Investment Economics -- The Economic Cost of Security Failures -- Future Directions in Information Economics -- Information Management Accounting-Return on Investment -- Economic Models and Management Decision Making -- Information Protection or Information Stewardship? -- Key Points -- 8. Risk Analysis -- Compliance Versus Risk Approaches -- The (3z(BClassic(3y(B Risk Analysis Model -- Newer Risk Models -- Process-Oriented Risk Models -- Tree-Based Risk Models -- Organizational Risk Cultures -- Risk Averse, Risk Neutral, and Risk Taking Organizations -- Strategic Versus Tactical Risk Analysis -- When Compliance-based Models are Appropriate -- Risk Mitigation -- Key Points -- Notes and References -- Index. |
| 506 1# - RESTRICTIONS ON ACCESS NOTE | |
| Terms governing access | Restricted to subscribers or individual electronic text purchasers. |
| 520 ## - SUMMARY, ETC. | |
| Summary, etc. | Bridging the gap between information security and strategic planningThis publication is a reflection of the author's firsthand experience as an information security consultant, working for an array of clients in the private and public sectors. Readers discover how to work with their organizations to develop and implement a successful information security plan by improving management practices and by establishing information security as an integral part of overall strategic planning.The book starts with an overview of basic concepts in strategic planning, information technology strategy, and information security strategy. A practical guide to defining an information security strategy is then provided, covering the "nuts and bolts" of defining long-term information security goals that effectively protect information resources. Separate chapters covering technology strategy and management strategy clearly demonstrate that both are essential, complementary elements in protecting information.Following this practical introduction to strategy development, subsequent chapters cover the theoretical foundation of an information security strategy, including:. Examination of key enterprise planning models that correspond to different uses of information and different strategies for securing information. Review of information economics, an essential link between information security strategy and business strategy. Role of risk in building an information security strategyTwo separate case studies are developed, helping readers understand how the development and implementation of information security strategies can work within their own organizations.This is essential reading for information security managers, information technology executives, and consultants. By linking information security to general management strategy, the publication is also recommended for nontechnical executives who need to protect the value and security of their organization's information. |
| 530 ## - ADDITIONAL PHYSICAL FORM AVAILABLE NOTE | |
| Additional physical form available note | Also available in print. |
| 538 ## - SYSTEM DETAILS NOTE | |
| System details note | Mode of access: World Wide Web |
| 588 ## - SOURCE OF DESCRIPTION NOTE | |
| Source of description note | Description based on PDF viewed 12/21/2015. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Management information systems |
| General subdivision | Security measures. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computer security. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Strategic planning. |
| 655 #0 - INDEX TERM--GENRE/FORM | |
| Genre/form data or focus term | Electronic books. |
| 695 ## - | |
| -- | Availability |
| 695 ## - | |
| -- | Computer aided software engineering |
| 695 ## - | |
| -- | Control systems |
| 695 ## - | |
| -- | Economics |
| 695 ## - | |
| -- | Indexes |
| 695 ## - | |
| -- | Industries |
| 695 ## - | |
| -- | Information security |
| 695 ## - | |
| -- | Information technology |
| 695 ## - | |
| -- | Interviews |
| 695 ## - | |
| -- | Intrusion detection |
| 695 ## - | |
| -- | Investments |
| 695 ## - | |
| -- | Law |
| 695 ## - | |
| -- | NIST |
| 695 ## - | |
| -- | Organizations |
| 695 ## - | |
| -- | Planning |
| 695 ## - | |
| -- | Presses |
| 695 ## - | |
| -- | Process control |
| 695 ## - | |
| -- | Proposals |
| 695 ## - | |
| -- | Standards organizations |
| 695 ## - | |
| -- | Strategic planning |
| 695 ## - | |
| -- | Temperature measurement |
| 695 ## - | |
| -- | Training |
| 695 ## - | |
| -- | Web sites |
| 710 2# - ADDED ENTRY--CORPORATE NAME | |
| Corporate name or jurisdiction name as entry element | IEEE Xplore (Online Service), |
| Relator term | distributor. |
| 710 2# - ADDED ENTRY--CORPORATE NAME | |
| Corporate name or jurisdiction name as entry element | John Wiley & Sons, |
| Relator term | publisher. |
| 730 0# - ADDED ENTRY--UNIFORM TITLE | |
| Uniform title | IEEE Xplore (Livres) |
| 776 08 - ADDITIONAL PHYSICAL FORM ENTRY | |
| Relationship information | Print version: |
| International Standard Book Number | 9780471736127 |
| 830 #0 - SERIES ADDED ENTRY--UNIFORM TITLE | |
| Uniform title | Practitioners ; |
| Volume/sequential designation | 11 |
| 856 42 - ELECTRONIC LOCATION AND ACCESS | |
| Materials specified | Abstract with links to resource |
| Uniform Resource Identifier | https://ieeexplore.ieee.org/xpl/bkabstractplus.jsp?bkn=5989138 |
No items available.