Monday, December 8, 2008

Information Systems Security: Security Management, Metrics, Frameworks and Best Practices

Security was, is, and will always be a double-edged sword. You have to expose your systems and applications to the external world in order to conduct business, but you want to remain in control. How does one achieve this balance?

The best approach, it seems, is to understand information and communication systems themselves from a security viewpoint. Then one needs to understand the ‘soft spots’ within the overall architecture and design of these systems, where they can be exposed to intrusion and risk. These areas of risk can span the entire gamut of information systems, including databases, networks, applications, Internet-based communication, web services, mobile technologies and the people issues associated with all of them. An effective strategy to ameliorate the risks associated with these aspects of IT systems then needs to be developed, to give businesses the confidence to operate in the real world. Furthermore, with increasingly stringent legislation, such as the Sarbanes-Oxley (SOx) legislation, imposing rigid auditing controls over businesses – particularly through their information and communication systems – it is vital for businesses to be fully aware of the security risks associated with their systems as well as the pressures from regulatory bodies, and to develop and implement an effective strategy to handle those risks.

This book covers all of the aforementioned issues in depth. It covers all significant aspects of security as it relates to ICT, and gives practicing ICT security professionals explanations of various aspects of information systems, their corresponding security risks, and how to embark on strategic approaches to reduce and, preferably, eliminate those risks. The coverage of the book is vast, and relevant to immediate practice.

Salient features of the book

• Written by an experienced industry professional working in the domain, a professional with extensive experience in teaching at various levels (student seminars, industry workshops) as well as research.

• A comprehensive treatment and truly a treatise on the subject of Information Security

• Coverage of SOX and SAS 70 aspects for Asset Management in the context of information systems security.

• Detailed explanation of the topics "Privacy" and "Biometric Controls".

• IT Risk Analysis covered.

• Review questions and reference material pointers after each chapter.

• Ample figures to illustrate key points – over 250 figures!

• All this is in a single book that should prove a valuable reference on the topic for students and professionals. Useful for candidates appearing for the CISA certification exam. Maps well with the CBOK for CSTE and CSQA Certifications.

About the author

Nina Godbole has vast experience in the IT industry – System Analysis & Design and Development, as well as Application Support Services, MIS, IT Perspective Planning Training, Security Audits, Quality Management, Operations Management. Nina has also led BPR initiatives and has played an instrumental role in successfully driving organizational initiatives – the ISO 9001, P-CMM and CMM-I. She is an active member of many professional bodies and academic research groups.
Nina holds a Master's degree from IIT and an MS Engineering (Computer Science) degree from Newport University, USA. She is a CQA, CSTE, CISA, PMP and ITIL Foundation Certified professional.

Companion CD contains:

• 37 appendices with checklists, guidelines and more, on the topics covered.
• 17 case illustrations to help readers appreciate/reinforce the understanding of the concepts.
• Workshop Mapping document with ideas for mapping contents of chapters to workshops/seminars on security and privacy.


ISBN: 978-81-265-1692-6 Information Systems Security: Security Management, Metrics, Frameworks and Best Practices Price: Rs 549/- Pages: 1020

To know more, click here:
http://www.slideshare.net/wileyindia/information-systems-security-security-management-metrics-frameworks-and-best-practices

6 comments:

cisa said...

Do you guys know that there is a growing demand for professionals having skills in Information System audit, security and control? I was interested in getting an excellent job opportunity in the IS audit field, and this site helped me to meet some important requirements. They made me aware that passing the CISA exam is the primary requirement and having at least 5 years of experience as an Information System auditor. I am very thankful to them. cisa

viagra online said...

I think we should get an excellent control about our applications in order it being perfect, if we have to be successful we have to be sure we're doing everything really good.

inversiones en oro said...

Hello, I would like to read more information about this topic because I think that is really interesting, besides, the post has very good information.

Buy Generic Viagra said...

This is such a useful guide, especially for people like me, that I take the way of the freelancer, for that reason I need to know a lot of everything, and of course this is one of the best paid in the market.

cialis no prescription said...

Thank you! I didn't know they picked up on it until I saw your comment.

viagra online said...

Thanks for sharing such an interesting post with us. You have made some valuable points which are very useful for all readers.