Request for consultation
MANAGEMENT OF INFORMATION SECURITY, Fourth Edition gives students an overview of information security and assurance using both domestic and international standards, all from a management perspective. Beginning with the foundational and technical components of information security, this edition then focuses on access control models, information security governance, and information security program assessment and metrics.The Fourth Edition is revised and updated to reflect evolving standards in the field, including the ISO 27000 series.
- Full coverage of the newly released National Initiative for Cybersecurity Education (NICE) standards with instructor support for mapping the text to this standard.
- Enhanced content on Governance, Risk Management and Compliance (GRC), Contingency Planning and Incident Response, and Policy Management.
- In-depth discussion of controls and control selection based on COBIT 5.
- Expanded treatment on security convergence and the evolution of joint physical and logical security programs.
- Updated presentation of the laws, regulations and ethical perspectives on information security topics.
- Ethical Dilemmas are a new end-of-chapter feature that explore the ethical decision making involved with issues linked to the in-chapter case study.
- Reinforces skills as they are learned with in-depth review questions, hands-on activities, and case projects in each chapter.
- Provides students with the latest information on national and international standards, as well as the ISO 27000 series.
- Detailed coverage in key managerial areas of Information Security Governance such as Access Control Models, Information Security Program Assessments, and Metrics.
- Running case study feature follows a fictional company as it encounters various information security issues, followed by group discussion questions.
- "Viewpoint" essays illustrate interesting topics and provide students with real-world examples.
2. Planning for Security.
3. Planning for Contingencies.
4. Information Security Policy.
5. Developing the Security Program.
6. Security Management Models.
7. Security Management Practices.
8. Risk Management: Identifying and Assessing Risk.
9. Risk Management: Controlling Risk.
10. Protection Mechanisms.
11. Personnel and Security.
12. Law and Ethics.
Appendix A. NIST SP 800-26, Security Self-Assessment Guide for Information.
Technology Systems and ISO 27002 Questionnaire.
Appendix B. Risk Management Models.
Cengage provides a range of supplements that are updated in coordination with the main title selection. For more information about these supplements, contact your Learning Consultant.
Instructor's Web Site
Everything you need for your course in one place. This collection of product-specific lecture and class tools is available online via the instructor resource center at www.cengage.com/login. You'll be able to access and download materials such as PowerPoint® presentations, images, instructor’s manual, videos, and more.
Cengage Learning Testing, powered by Cognero® Instant Access
Cengage Learning Testing. powered by Cognero®, is a flexible, online system that allows you to import, edit, and manipulate content from the text's test bank or elsewhere, including your own favorite test questions. Create multiple test versions in an instant and deliver tests from your LMS, your classroom, or wherever you want.