E-book: How to Complete a Risk Assessment in 5 Days or Less

(Thomas R. Peltier Associates, LLC, Wyandotte, Michigan, USA)
  • Format: PDF+DRM
  • Publication date: 18-Nov-2008
  • Publisher: Auerbach
  • Language: eng
  • ISBN-13: 9781420062762
  • Price: 80,59 €*
  • * The price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste): not allowed

  • Printing: not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application designed specifically for reading e-books; it should not be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Successful security professionals have had to modify the process of responding to new threats in the high-profile, ultra-connected business environment. But just because a threat exists does not mean that your organization is at risk. This is what risk assessment is all about. How to Complete a Risk Assessment in 5 Days or Less demonstrates how to identify threats your company faces and then determine if those threats pose a real risk to the organization.

To help you determine the best way to mitigate risk levels in any given situation, How to Complete a Risk Assessment in 5 Days or Less includes more than 350 pages of user-friendly checklists, forms, questionnaires, and sample assessments.

Presents Case Studies and Examples of all Risk Management Components

Based on the seminars of information security expert Tom Peltier, this volume provides the processes that you can easily employ in your organization to assess risk.

Answers such FAQs as:

  • Why should a risk analysis be conducted?
  • Who should review the results?
  • How is the success measured?

Always conscious of the bottom line, Peltier discusses the cost-benefit of risk mitigation and looks at specific ways to manage costs. He supports his conclusions with numerous case studies and diagrams that show you how to apply risk management skills in your organization, and it's not limited to information security risk assessment. You can apply these techniques to any area of your business. This step-by-step guide to conducting risk assessments gives you the knowledge base and the skill set you need to achieve a speedy and highly effective risk analysis assessment in a matter of days.
Acknowledgments
About the Author
Introduction
1 The Facilitated Risk Analysis and Assessment Process (FRAAP)
1.1 Introduction
1.2 FRAAP Overview
1.3 FRAAP History
1.4 Introducing the FRAAP
1.4.1 Key Concepts
1.5 The Pre-FRAAP Meeting
1.5.1 Pre-FRAAP Meeting Checklist
1.5.2 Pre-FRAAP Meeting Summary
1.6 The FRAAP Session
1.6.1 Overview
1.6.2 FRAAP Session Introduction
1.6.3 FRAAP Session Talking Points
1.6.4 FRAAP Threats Identification
1.6.5 Identifying Threats Using a Checklist
1.6.6 Identifying Existing Controls
1.6.7 Establishing Risk Levels
1.6.8 Residual Risk
1.7 Using a Threats Identification Checklist
1.7.1 FRAAP Session Summary
1.8 Post-FRAAP Process
1.8.1 Complete the Action Plan
1.9 Conclusion
2 Risk Analysis (Project Impact Analysis)
2.1 Overview
2.2 The Difference between Risk Analysis and Risk Assessment
2.3 Risk Analysis and Due Diligence
2.4 Risk Assessment and Fiduciary Duty
2.5 Performing a Risk Analysis
2.6 Risk Analysis Elements
2.7 Other Considerations
2.8 When to Conduct a Risk Analysis
2.9 Final Words
2.10 Sample Risk Analysis Questionnaire
2.11 Sample Risk Analysis Report Outline
3 Pre-Screening
3.1 Introduction
3.2 Background
3.2.1 Pre-Screening Example 1
3.2.2 Pre-Screening Example 2
3.2.3 Pre-Screening Example 3
3.2.4 Pre-Screening Example 4
3.3 Summary
4 Business Impact Analysis
4.1 Overview
4.2 BIA versus Risk Assessment
4.3 Creating a BIA Process
4.4 Creating the Financial Impact Table
4.5 Working the BIA Process
4.6 Additional Examples
4.7 Objectives of the BIA
4.8 Using Questionnaires for a BIA
4.9 Data Collection and Analysis
4.10 Prepare Management Presentation
4.11 Final Thoughts
5 Gap Analysis
5.1 Introduction
5.2 Background
5.3 GAP Analysis Process
5.3.1 Gap Analysis Example 1
5.3.2 Gap Analysis Example 2
5.3.3 How to Use the Self-Assessment Checklist
5.4 Summary
Appendix A Facilitator Skills
Appendix B FRAAP Team Members
  Introduction
  The Risk Assessment Team
  Conclusion
Appendix C Project Scope Statement
  Overview
  Summary
Appendix D Laws, Standards, and Regulations
Appendix E Frequently Asked Questions about Risk Management
  Introduction
  Is There a Difference between Risk Analysis and Risk Assessment?
  Why Should a Risk Analysis Be Conducted?
  When Should a Risk Assessment Be Conducted?
  Who Should Conduct the Risk Assessment?
  How Long Should a Risk Assessment Take?
  What Can a Risk Analysis or Risk Assessment Analyze?
  Who Should Review the Results of a Risk Analysis and Risk Assessment?
  How Is the Success of the Risk Analysis Measured?
  Summary
Appendix F Risk Analysis versus Risk Assessment
  Overview
  The Difference between Risk Analysis and Risk Assessment
  Risk Analysis and Due Diligence
  Risk Assessment and Fiduciary Duty
  Conducting a Risk Assessment
  Risk Assessment Timetable
  Risk Assessment and Risk Analysis Results
  Risk Management Metrics
  Summary
Appendix G Sample Threat Checklist
Appendix H Sample BIA Questionnaire
Appendix I Sample Risk Assessment Management Summary Report
  Risk Assessment Scope Summary
  Assessment Methodology Used
  Assessment Findings and Action Plan
  Full Findings Documentation
  Conclusion
Appendix J Project Scope Statement
  Introduction
  Project Statement
  Specifications
  Well-Defined Standards and Metrics
  Summary
Appendix K Why Risk Assessments Fail
  Scope Creep
  Ineffective Project Team
  Stating Concerns as How They Impact Security
  Every Threat Is a Major Concern
  Conclusion
Appendix L Gap Analysis Examples
  Overview
  Gap Analysis Using ISO 17799
  Answer the Following Questions
  Gap Analysis Using Utility-Specific Standards
  Gap Analysis Sample 3 Using Combination of Standards and Laws
Appendix M Control Lists
  Overview
Appendix N Heat Charts
Index
Peltier, Thomas R.