Includes bibliographical references (pages 423-426) and index.

Risk management fundamentals
Managing risk: threats, vulnerabilities, and exploits
Understanding and maintaining compliance
Developing a risk management plan
Defining risk assessment approaches
Performing a risk assessment
Identifying assets and activities to be protected
Identifying and analyzing threats, vulnerabilities, and exploits
Identifying and analyzing risk mitigation security controls
Planning risk mitigation throughout an organization
Turning your risk assessment into a risk mitigation plan
Mitigating risk with a business impact analysis
Mitigating risk with a business continuity plan
Mitigating risk with a disaster recovery plan
Mitigating risk with a computer incident response team plan

PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES! Managing Risk in Information Systems provides a unique, in-depth look at how to manage and reduce IT associated risks. Written by an industry expert, this book provides a comprehensive explanation of the SSCP® Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance. Using examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk."

College of Engineering and Computer Studies Bachelor of Science in Computer Science

Text in English