Information Assurance Handbook: Effective Computer Security and Risk Management Strategies

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2014-09-08
  • Publisher: McGraw-Hill Education

Best practices for protecting critical data and systems

Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning in a non-technical manner. It leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike.

Common threats and vulnerabilities are described and applicable controls based on risk profiles are provided. Practical information assurance application examples are presented for select industries, including healthcare, retail, and industrial control systems. Chapter-ending critical thinking exercises reinforce the material covered. An extensive list of scholarly works and international government standards is also provided in this detailed guide.

Comprehensive coverage includes:

  • Basic information assurance principles and concepts
  • Information assurance management system
  • Current practices, regulations, and plans
  • Impact of organizational structure
  • Asset management
  • Risk management and mitigation
  • Human resource assurance
  • Advantages of certification, accreditation, and assurance
  • Information assurance in system development and acquisition
  • Physical and environmental security controls
  • Information assurance awareness, training, and education
  • Access control
  • Information security monitoring tools and methods
  • Information assurance measurements and metrics
  • Incident handling and computer forensics
  • Business continuity management
  • Backup and restoration
  • Cloud computing and outsourcing strategies
  • Information assurance big data concerns

Table of Contents

Part I Information Security Infrastructure
1: The Need for Information Security
2: Concepts in Information Security
3: Assets, Threats, Vulnerabilities, Risks, and Controls
4: Security Professionals and Organizations
5: Information Security Management System
6: Implementing Information Security Strategy into Current Practices, Regulations, and Plans
Part II Information Security Planning Process
7: Approaches to Implementing Information Security
8: Organizational Structure for Managing Information Security
9: Asset Management
10: Information Security Risk Management
11: Information Security Policy
12: Human Resource Security
13: Certification, Accreditation, and Assurance
Part III Information Security Prevention Process
14: Information Security in System Development
15: Physical and Environmental Security Controls
16: Information Security Awareness, Training, and Education
17: Preventive Tools and Techniques
18: Access Control
Part IV Information Security Detection Process
19: Information Security Monitoring Tools and Methods
20: Information Security Measurements and Metrics
Part V Information Security Recovery Process
21: Information Security Incident Handling
22: Computer Forensics
23: Business Continuity
24: Backup and Restoration
