The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program
ISBN: 0750698969
EAN: 2147483647
Year: 2002
Pages: 204
Authors:
Gerald L. Kovacich CFE CPP CISSP
Table of Contents
Back Cover
The Information Systems Security Officer's Guide - Establishing and Managing an Information Protection Program, Second Edition
Preface
Introduction
Ed Halibozek
Andy Jones
Steve Lutz
Section I: The Working Environment of an ISSO
Chapter 1: Understanding the Information World Environment
Introduction
Revolutions and Evolutions in High Technology
Global Information Infrastructure (GII)
National Information Infrastructure (NII)
How did We Get From Adam to the Internet?
Changing Criminal Justice Systems
The Human Factor
Questions to Consider
Summary
Chapter 2: Understanding the Business and Management Environment
The Changing Business and Government Environments
Understanding the Business Environment
Management Responsibilities and Communicating with Management
Creating a Competitive Advantage Through InfoSec
The ISSO as a Business Manager
Service, Support, and a Business Orientation
Business Managers and InfoSec
Questions to Consider
Summary
Chapter 3: Understanding Today's Threats to Information Assets
Introduction
ISSO Must Understand Threat Agents Motive-Rationalization-Opportunity
Questions to Consider
Summary
Chapter 4: The International Widget Corporation (IWC)
Introduction
IWC Background Information
Key Elements for the ISSO to Consider
Getting to Know IWC
IWC's Business Plans
IWC and the History of its ISSO
CIAPP Planning
IWC's Departments of Primary Importance to the ISSO
IWC Vision, Mission, and Quality Statements
Questions to Consider
Summary
Section II: The Duties and Responsibilities of an ISSO
Chapter 5: The ISSO's Position, Duties, and Responsibilities
Introduction
The ISSO in the International Widget Corporation (IWC)
IWC ISSO Duties and Responsibilities
Goals and Objectives
Leadership Position
Providing CIAPP Service and Support
Use Team Concepts
Vision, Mission, and Quality Statements
Information Systems Protection Principles
Project and Risk Management Processes
ISSO and CIAPP Organizational Responsibilities
Questions to Consider
Summary
Chapter 6: The Infosec Strategic, Tactical, and Annual Plans
Introduction
IWC's Infosec Strategic Plan
IWC's Infosec Tactical Plan
IWC's Infosec Annual Plan
Mapping ISSSP, ITP, and IAP to Projects using a Matrix
Questions to Consider
Summary
Chapter 7: Establishing a CIAPP and Infosec Organization
Introduction
Corporate Information Assets Protection Program (CIAPP)
ISSO thought Process in Establishing the Infosec Organization
Questions to Consider
Summary
Chapter 8: Determining and Establishing InfoSec Functions
Introduction
Processes
Valuing Information
IWC InfoSec Functions Process Development
IWC ISSO's InfoSec Functions
Access Control and Access Control Systems
Evaluation of all Hardware, Firmware, and Software
Risk Management Program
Security Tests and Evaluations Program
Noncompliance Inquiries
Contingency and Emergency Planning and Disaster Recovery Program (CEP-DR)
Questions to Consider
Summary
Chapter 9: Establishing a Metrics Management System
Introduction
Metrics 1: Infosec LOE Drivers - Number of Users
Examples of Other Metrics Charts
Project Management
Questions to Consider
Summary
Chapter 10: Annual Reevaluation and Future Plans
Introduction
One-Year Review
Infosec Strategic, Tactical, and Annual Plans
Linking Infosec Accomplishments to IWC Goals
Metrics Analysis
Planning for Next Year
Questions to Consider
Summary
Chapter 11: High-Technology Crimes Investigative Support
Introduction
Duties and Responsibilities of an ISSO in Deterring High-Technology Crimes
Assisting with Computer Forensics Support
Dealing with Law Enforcement
Questions to Consider
Summary
Chapter 12: InfoSec in the Interest of National Security
Introduction
National Security Classified Information
Responsibilities
Collective Infosec Controls
Government Customer Approval Process
AIS Modes of Operation
The Appointment of the Defense Industry-Related Corporation's Focal Point for Infosec
Documenting and Gaining Government Customer Approval for Processing, Storing, and Transmitting National Security Information
Questions to Consider
Summary
Section III: The Global, Professional, and Personal Challenges of an ISSO
Chapter 13: The Related World of Information Warfare, Information Operations, and Information Assurance
Introduction
Introduction to Global Information Warfare
IW Terms of Reference
Information Warfare is a Powerful Approach for Attaining and Maintaining a Competitive Advantage
Questions to Consider
Summary
Chapter 14: The ISSO and Ethical Conduct
Introduction
Codes of Ethics
Corporate Ethics, Standards of Conduct, Business Practices, and Corporate Values
Impact of Ethics on the Corporate Information Assets Protection Program (CIAPP)
Questions to Consider
Summary
Chapter 15: ISSO Career Development
Introduction
The ISSO's Career Development Program
Establishing and Managing an Infosec Career Development Program
Education
Conferences and Training
Networking
The Internet
Using Trade Journals and Magazines for Training
Experience
Certifications
Associations
ISSO Professionals - What You Can do to Help Others
Questions to Consider
Summary
Chapter 16: How to Market Yourself as an ISSO
Introduction
Interviewing for the ISSO Position
Sample ISSO Portfolio Outline
Questions to Consider
Summary
Chapter 17: So, Are You Ready to Become an InfoSec Consultant?
Introduction
Ya Gotta Have a Plan
Getting Started
Questions to Consider
Summary
Chapter 18: 21st-century Challenges for the ISSO
Introduction
Nation-States - Will They Last?
Societies
The Future of High Technology
Global Competition
The Future Role of ISSO Professionals
Managing a CIAPP and Corporate Infosec Organization in the Future
Other Considerations
Questions to Consider
Summary
Index
List of Figures
List of Case Studies
List of Sidebars