
Practical risk management for the CIO

Author: Mark Scherling
Publisher: Boca Raton : CRC Press/Auerbach Book, ©2011.
Edition/Format: eBook : Document : English

Details

Genre/Form: Electronic books
Additional Physical Format: Print version:
Scherling, Mark.
Practical risk management for the CIO.
Boca Raton : Auerbach Publications, 2011
(DLC) 2011017505
(OCoLC)659750473
Material Type: Document, Internet resource
Document Type: Internet Resource, Computer File
All Authors / Contributors: Mark Scherling
ISBN: 9781439856543 1439856540
OCLC Number: 725921846
Description: 1 online resource (xiv, 370 pages) : illustrations
Contents: Introduction: Why Risk Management? Liability; Personal Data Disclosed or Stolen; Intellectual Property Lost or Stolen; Wrong Decisions Made; Liability Risks Service Delivery; Transaction Centric; Information Centric; Risks to Service Delivery; Risks to the CIO
PRINCIPLES AND CONCEPTS Overview; Market Risks; Budget Risks; People Risks; Technology Risks; Operational Risks; Information Risks; Control Risks; Detection Risks; Risk Treatment Basic Concepts, Principles, And Practices; Concepts; Risk IT Framework Principles; ISO 31000 Risk Management Principles; Other Risk Management Principles; Summary: Risk Management and Risk IT Principles; Information Security Principles; Accountability Principle; Awareness Principle; Ethics Principle; Multidisciplinary Principle; Proportionality Principle; Integration Principle; Timeliness Principle; Assessment Principle; Equity Principle; Information Management Principles; Value; Life Cycle; Reuse; Proliferates Quickly; Dependencies; Principles Risk Assessment, Analysis, And Procedures; Making Decisions: Fact or Fiction? How Do You Decide?; Confidence Ranking Process; Facts; Calculations; Estimations; Guesses; Risk Management Starts with the Individual; Managing Risky People; Risk Management Profiling and Risk Culture; Measuring Risks or Uncertainty; How to Measure Risks; Identify the Risk; Consensus of the Risk; Analysis of Risk; Mitigate the Risk; Monitor the Risk; Reassess the Risk; Performing a Risk Assessment; Team or Committee Selection; Step 1: Define Parameters; Taxonomy of Risk Types; Scope, Time Frame, Complexity, and Stakeholders; Step 2: Identify Risks and Impacts; Step 3: Consensus of Risks and Impacts; Step 4 Risks and Impacts Analysis; Step 5: Prioritize Risks and Impacts; Step 6: Review Existing Controls; Step 7: Risks and Impacts Mitigation Analysis; Step 8: Costing, Prioritization, And Decisions; Step 9: Implementation; Step 10: Review Metrics; User Experienced Metrics Best Practices; Principles and Concepts: Section Summary
Part II: SERVICE DELIVERY Product Management; Products You Deliver as a CIO; Information Delivery: How Information Flows in Your; Organization; Organizing IT for Information Delivery, Management, And Protection Process Management Project Management; Projects; Risk Ranking; Vulnerability Scanning; Reporting IT Service Management; Opportunity Capacity Reporting on Service Delivery Service Delivery: Section Summary
LIABILITIES MANAGEMENT Information Management; The Value of Information; Classify Your Information: Value and Categories; Value/Sensitivity of Information; Categories of Information; Controlled Vocabulary, Taxonomies, Keywords, And Search; Controlled Vocabularies; Summary; Identify Information Assets; Information Has a Life Cycle; Database Information Life Cycle; Information Flows; Information Flow Analysis; Information Management Strategy; Designing Information Management across Large Organizations; Steps to Better Information Management Information Protection; Security Controls; Essential Controls; Personnel (Includes Management and Operations); Technology; Information; Ingress; Egress; Database Security and Monitoring; Defense in Depth; Audit and Compliance; Documentation; Information Security Architecture; Reporting on Information Security; FISMA, NIST, and FIPS; Why; What; Specifications for Minimum Security Requirements; How; Payment Card Industry Data Security Standard; Analysis of Good Information Security Practices; Employee, Hacker, Insider, Or Outsider; Insiders; Employees; Partners; Contractors; Outsourced; Insider Threats; Insider Controls; Outsiders; General Public; Hackers; Customers, Clients, Others; Outsider Threats; Outsider Controls; Data Loss Prevention/Information Knowledge Leakage; Database Solutions; Network and End-Point Solutions; Portable Device Control; Defining the Risk; Deploying DLP Solutions; Paper: Print, Keep, Shred E-Discovery; Rules and Obligations; Standard of Proof; E-Discovery Process; Information Management; Collection and Preservation; Production; Presentation; Summary of E-Discovery Privacy Policies and Procedures; Writing Good Policies; Communicating Policy; Enforcing Policy; Writing Good Procedures; Following Procedures; Next-Generation Policies and Procedures Planning for Big Failures or Business Continuity; Business Resilience and Redundancy; Business Continuity Management Liabilities Management: Section Summary
PUTTING IT ALL TOGETHER Designing a Risk Management Strategy; External Factors; Organization Structure; Identify Assets; Compliance Requirements; Risk Management Profiles; Risk Culture; Governance; Risk Management Strategy for Service Delivery; Risk Management Strategy for Liabilities; Consolidated Risk Management Strategy; Risk Management Framework: Outline; Maintain Risk Management Program; Resourcing a Risk Management Program Forward-Looking Risk Management Preparing for a "Black Swan" Conclusion Appendices; OECD Privacy Principles; Project Profiling Risk Assessment; Risk Impact Scales; Classification Schema Bibliography Index
Responsibility: Mark Scherling.

Reviews

Editorial reviews

Publisher Synopsis

This is an exceptionally well-written primer for anyone responsible for corporate information risk management. ... It's obvious that the author has regularly encountered and solved the problems he ...

 

Linked Data


Primary Entity

<http://www.worldcat.org/oclc/725921846> # Practical risk management for the CIO
    a schema:CreativeWork, schema:MediaObject, schema:Book ;
    library:oclcnum "725921846" ;
    library:placeOfPublication <http://experiment.worldcat.org/entity/work/data/601162024#Place/boca_raton> ; # Boca Raton
    library:placeOfPublication <http://id.loc.gov/vocabulary/countries/flu> ;
    schema:about <http://dewey.info/class/658.478/e22/> ;
    schema:about <http://id.worldcat.org/fast/973129> ; # Information technology--Security measures
    schema:about <http://id.loc.gov/authorities/subjects/sh94001277> ; # Computer networks--Security measures
    schema:about <http://id.worldcat.org/fast/854195> ; # Chief information officers
    schema:about <http://id.worldcat.org/fast/1098164> ; # Risk management
    schema:about <http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_leadership> ; # BUSINESS & ECONOMICS--Leadership
    schema:about <http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_corporate_governance> ; # BUSINESS & ECONOMICS--Corporate Governance
    schema:about <http://id.worldcat.org/fast/872341> ; # Computer networks--Security measures
    schema:about <http://id.worldcat.org/fast/887958> ; # Data protection
    schema:about <http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_organizational_development> ; # BUSINESS & ECONOMICS--Organizational Development
    schema:about <http://id.loc.gov/authorities/subjects/sh2009127217> ; # Information technology--Security measures
    schema:about <http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_workplace_culture> ; # BUSINESS & ECONOMICS--Workplace Culture
    schema:bookFormat schema:EBook ;
    schema:copyrightYear "2011" ;
    schema:creator <http://viaf.org/viaf/170149734> ; # Mark Scherling
    schema:datePublished "2011" ;
    schema:description "Delivery; Risk Management Strategy for Liabilities; Consolidated Risk Management Strategy; Risk Management Framework: Outline; Maintain Risk Management Program; Resourcing a Risk Management Program Forward-Looking Risk Management Preparing for a "Black Swan" Conclusion Appendices; OECD Privacy Principles; Project Profiling Risk Assessment; Risk Impact Scales; Classification Schema Bibliography Index"@en ;
    schema:description "And Protection Process Management Project Management; Projects; Risk Ranking; Vulnerability Scanning; Reporting IT Service Management; Opportunity Capacity Reporting on Service Delivery Service Delivery: Section Summary LIABILITIES MANAGEMENT Information Management; The Value of Information; Classify Your Information: Value and Categories; Value/Sensitivity of Information; Categories of Information; Controlled Vocabulary, Taxonomies, Keywords,"@en ;
    schema:description "Or Outsider; Insiders; Employees; Partners; Contractors; Outsourced; Insider Threats; Insider Controls; Outsiders; General Public; Hackers; Customers, Clients, Others; Outsider Threats; Outsider Controls; Data Loss Prevention/Information Knowledge Leakage; Database Solutions; Network and End-Point Solutions; Portable Device Control; Defining the Risk; Deploying DLP Solutions; Paper: Print, Keep,"@en ;
    schema:description "And Decisions; Step 9: Implementation; Step 10: Review Metrics; User Experienced Metrics Best Practices ; Principles and Concepts: Section Summary Part II: SERVICE DELIVERY Product Management ; Products You Deliver as a CIO; Information Delivery: How Information Flows in Your; Organization; Organizing IT for Information Delivery, Management,"@en ;
    schema:description "And Procedures; Making Decisions: Fact or Fiction? How Do You Decide?; Confidence Ranking Process; Facts; Calculations; Estimations; Guesses; Risk Management Starts with the Individual; Managing Risky People; Risk Management Profiling and Risk Culture; Measuring Risks or Uncertainty; How to Measure Risks; Identify the Risk; Consensus of the Risk; Analysis of Risk; Mitigate the Risk; Monitor the Risk; Reassess the Risk; Performing a Risk Assessment; Team or Committee Selection; Step 1: Define Parameters; Taxonomy of Risk Types; Scope, Time Frame, Complexity, and Stakeholders; Step 2: Identify Risks and Impacts; Step 3: Consensus of Risks and Impacts; Step 4 Risks and Impacts Analysis; Step 5: Prioritize Risks and Impacts; Step 6: Review Existing Controls; Step 7: Risks and Impacts Mitigation Analysis; Step 8: Costing, Prioritization,"@en ;
    schema:description "Shred E-Discovery; Rules and Obligations; Standard of Proof; E-Discovery Process; Information Management; Collection and Preservation; Production; Presentation; Summary of E-Discovery Privacy Policies and Procedures; Writing Good Policies; Communicating Policy; Enforcing Policy; Writing Good Procedures; Following Procedures; Next-Generation Policies and Procedures Planning for Big Failures or Business Continuity; Business Resilience and Redundancy; Business Continuity Management Liabilities Management: Section Summary PUTTING IT ALL TOGETHER Designing a Risk Management Strategy; External Factors; Organization Structure; Identify Assets; Compliance Requirements; Risk Management Profiles; Risk Culture; Governance; Risk Management Strategy for Service"@en ;
    schema:description "Introduction: Why Risk Management? Liability; Personal Data Disclosed or Stolen; Intellectual Property Lost or Stolen; Wrong Decisions Made; Liability Risks Service Delivery; Transaction Centric; Information Centric; Risks to Service Delivery; Risks to the CIO PRINCIPLES AND CONCEPTS Overview; Market Risks; Budget Risks; People Risks; Technology Risks; Operational Risks; Information Risks; Control Risks; Detection Risks; Risk Treatment Basic Concepts, Principles,"@en ;
    schema:description "And Practices ; Concepts; Risk IT Framework Principles; ISO 31000 Risk Management Principles; Other Risk Management Principles; Summary: Risk Management and Risk IT Principles; Information Security Principles; Accountability Principle; Awareness Principle; Ethics Principle; Multidisciplinary Principle; Proportionality Principle; Integration Principle; Timeliness Principle; Assessment Principle; Equity Principle; Information Management Principles; Value; Life Cycle; Reuse; Proliferates Quickly; Dependencies; Principles Risk Assessment, Analysis,"@en ;
    schema:description "And Search; Controlled Vocabularies; Summary; Identify Information Assets; Information Has a Life Cycle; Database Information Life Cycle; Information Flows; Information Flow Analysis; Information Management Strategy; Designing Information Management across Large Organizations; Steps to Better Information Management Information Protection; Security Controls; Essential Controls; Personnel (Includes Management and Operations); Technology; Information; Ingress; Egress; Database Security and Monitoring; Defense in Depth; Audit and Compliance; Documentation; Information Security Architecture; Reporting on Information Security; FISMA, NIST, and FIPS; Why; What; Specifications for Minimum Security Requirements; How; Payment Card Industry Data Security Standard; Analysis of Good Information Security Practices; Employee, Hacker, Insider,"@en ;
    schema:exampleOfWork <http://worldcat.org/entity/work/id/601162024> ;
    schema:genre "Electronic books"@en ;
    schema:inLanguage "en" ;
    schema:isSimilarTo <http://www.worldcat.org/oclc/659750473> ;
    schema:name "Practical risk management for the CIO"@en ;
    schema:productID "725921846" ;
    schema:publication <http://www.worldcat.org/title/-/oclc/725921846#PublicationEvent/boca_raton_crc_press_auerbach_book_2011> ;
    schema:publisher <http://experiment.worldcat.org/entity/work/data/601162024#Agent/crc_press_auerbach_book> ; # CRC Press/Auerbach Book
    schema:url <http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=365165> ;
    schema:url <http://www.books24x7.com/marc.asp?bookid=47197> ;
    schema:url <http://site.ebrary.com/id/10466753> ;
    schema:url <http://public.eblib.com/choice/publicfullrecord.aspx?p=688524> ;
    schema:url <https://nls.ldls.org.uk/welcome.html?ark:/81055/vdc_100045020636.0x000001> ;
    schema:url <http://dx.doi.org/10.1201/b10874> ;
    schema:workExample <http://worldcat.org/isbn/9781439856543> ;
    umbel:isLike <http://bnb.data.bl.uk/id/resource/GBB7A5003> ;
    wdrs:describedby <http://www.worldcat.org/title/-/oclc/725921846> ;
    .


Related Entities

<http://experiment.worldcat.org/entity/work/data/601162024#Agent/crc_press_auerbach_book> # CRC Press/Auerbach Book
    a bgn:Agent ;
    schema:name "CRC Press/Auerbach Book" ;
    .

<http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_corporate_governance> # BUSINESS & ECONOMICS--Corporate Governance
    a schema:Intangible ;
    schema:name "BUSINESS & ECONOMICS--Corporate Governance"@en ;
    .

<http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_leadership> # BUSINESS & ECONOMICS--Leadership
    a schema:Intangible ;
    schema:name "BUSINESS & ECONOMICS--Leadership"@en ;
    .

<http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_organizational_development> # BUSINESS & ECONOMICS--Organizational Development
    a schema:Intangible ;
    schema:name "BUSINESS & ECONOMICS--Organizational Development"@en ;
    .

<http://experiment.worldcat.org/entity/work/data/601162024#Topic/business_&_economics_workplace_culture> # BUSINESS & ECONOMICS--Workplace Culture
    a schema:Intangible ;
    schema:name "BUSINESS & ECONOMICS--Workplace Culture"@en ;
    .

<http://id.loc.gov/authorities/subjects/sh2009127217> # Information technology--Security measures
    a schema:Intangible ;
    schema:name "Information technology--Security measures"@en ;
    .

<http://id.loc.gov/authorities/subjects/sh94001277> # Computer networks--Security measures
    a schema:Intangible ;
    schema:name "Computer networks--Security measures"@en ;
    .

<http://id.worldcat.org/fast/1098164> # Risk management
    a schema:Intangible ;
    schema:name "Risk management"@en ;
    .

<http://id.worldcat.org/fast/854195> # Chief information officers
    a schema:Intangible ;
    schema:name "Chief information officers"@en ;
    .

<http://id.worldcat.org/fast/872341> # Computer networks--Security measures
    a schema:Intangible ;
    schema:name "Computer networks--Security measures"@en ;
    .

<http://id.worldcat.org/fast/887958> # Data protection
    a schema:Intangible ;
    schema:name "Data protection"@en ;
    .

<http://id.worldcat.org/fast/973129> # Information technology--Security measures
    a schema:Intangible ;
    schema:name "Information technology--Security measures"@en ;
    .

<http://viaf.org/viaf/170149734> # Mark Scherling
    a schema:Person ;
    schema:familyName "Scherling" ;
    schema:givenName "Mark" ;
    schema:name "Mark Scherling" ;
    .

<http://worldcat.org/isbn/9781439856543>
    a schema:ProductModel ;
    schema:isbn "1439856540" ;
    schema:isbn "9781439856543" ;
    .

<http://www.worldcat.org/oclc/659750473>
    a schema:CreativeWork ;
    rdfs:label "Practical risk management for the CIO." ;
    schema:description "Print version:" ;
    schema:isSimilarTo <http://www.worldcat.org/oclc/725921846> ; # Practical risk management for the CIO
    .

