
Auditing Information and Cyber Security Governance
A Controls-Based Approach
Robert E. Davis (Author)
CRC Press
1st Edition
Published on 4 October 2024
Book
Paperback/Softback
284 pages
978-1-032-04448-4 (ISBN)
Description
"A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom."
- Ronald W. Hull, author, poet, and former professor and university administrator
A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threat, opportunity, and vulnerability risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory constructs and concepts with appropriate reference to standards and the respective guidelines. Normative decision theory attempts to establish a rational framework for choosing between alternative courses of action when the outcomes resulting from the selection are uncertain. Through the methodological application, decision theory techniques can provide objectives determination, interaction assessments, performance estimates, and organizational analysis. A normative model prescribes what should exist according to an assumption or rule.
More details
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
Professional and scholarly
Academic, Professional, and Professional Practice & Development
Illustrations
32 black-and-white illustrations, 6 black-and-white photographs or halftone images, 26 black-and-white drawings
26 Line drawings, black and white; 6 Halftones, black and white; 32 Illustrations, black and white
Dimensions
Height: 254 mm
Width: 178 mm
Thickness: 16 mm
Weight
569 g
ISBN-13
978-1-032-04448-4 (9781032044484)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Other editions
Additional editions

Book
09/2021
1st Edition
CRC Press
€95.70
Shipment within 15-20 days

E-Book
09/2021
1st Edition
CRC Press
€63.49
Available for download

Person
Dr. Robert E. Davis, CISA, CICA, has unique qualifications that encompass over 30 years of internal control practice and scholarship experience. He has provided data security consulting and information systems auditing services to highly regarded government agencies and corporations of various employee sizes. His past teaching experience includes positions with Temple University, Bryant & Stratton College and Cheyney University, as well as presenting various other training sessions and courses.
Dr. Davis has authored articles addressing IT issues for ITAudit Magazine, ISACA Journal, TechTarget, and IT Governance, LTD, as well as a chapter discussing continuous auditing for Bloomsbury Information. Dr. Davis has written workbooks and other instructional material for Boson Software and Pleier Corporation.
Content
1. Security Governance
2. Security Governance Environment
3. Security Governance Management
4. Security Governance Processes
5. Organizational Employees
6. External Organizational Actors
7. Information Security Governance Audit
8. Cyber Security Governance Audit