Information Protection Playbook, 1st Edition

  • Published By:
  • ISBN-10: 0124172423
  • ISBN-13: 9780124172425
  • DDC: 005.8
  • Grade Level Range: College Freshman - College Senior
  • 128 Pages | eBook
  • Original Copyright 2014 | Published/Released May 2014
  • This publication's content originally published in print form: 2014



The Information Protection Playbook is a comprehensive resource for information protection (IP) professionals who must provide adequate protection at a reasonable cost. It emphasizes a holistic view of IP: one that protects applications, systems, and networks that deliver business information from failures of confidentiality, integrity, availability, trust and accountability, and privacy. Using the guidelines in the playbook, security and IT managers will learn to implement the five functions of an IP framework: governance, program planning, risk management, incident response management, and program administration. These functions are based on a model promoted by the Information Systems Audit and Control Association (ISACA) and validated by thousands of Certified Information Security Managers. The extensive appendices at the end of the book are an excellent resource for security or IT managers building an IP program. They include a board of directors presentation with sample slides; an IP policy document checklist; a risk prioritization procedure matrix; a facility management self-assessment questionnaire; and representative job descriptions for IP roles. The Information Protection Playbook is a part of Elsevier's Security Executive Council Risk Management Portfolio—real-world solutions and "how-to" guidelines that provide executives, practitioners, and educators with proven information for successful security and risk management programs.

Table of Contents

Front Cover.
Half Title Page.
Title Page.
Copyright Page.
Executive Summary.
About the Information Protection Playbook.
1: Information Protection Function One: Governance.
2: Information Protection Function Two: Program Planning.
3: Information Protection Function Three: Risk Management.
4: Information Protection Function Four: Incident Response Management.
5: Information Protection Function Five: Program Administration.
Appendix A: Playbook Summary.
Appendix B: Board of Directors Presentation.
Appendix C: Information Protection Policies Checklist.
Appendix D: An Example Roles and Responsibilities RACI Matrix.
Appendix E: Risk Prioritization Procedure Matrix.
Appendix F: Security Awareness and Training Menu.
Appendix G: Risk Assessment and Compliance Checklist.
Appendix H: Incident Response.
Appendix I: Facility Management Self-Assessment.
Appendix J: Roles in Information Protection.
Appendix K: Measurement in Information Protection.
Additional Resources.
About the Contributing Editors.