Auditing Information and Cyber Security Governance: A Controls-Based Approach
暫譯: 資訊與網路安全治理審計:基於控制的方式
Davis, Robert E.
- 出版商: CRC
- 出版日期: 2021-09-23
- 售價: $2,980
- 貴賓價: 9.5 折 $2,831
- 語言: 英文
- 頁數: 284
- 裝訂: Hardcover - also called cloth, retail trade, or trade
- ISBN: 0367568500
- ISBN-13: 9780367568504
-
相關分類:
Penetration-test
立即出貨 (庫存 < 3)
買這商品的人也買了...
-
Node.js 模組參考手冊$580$458 -
Java 8入門進階【適用JDK 8.0版】$650$514 -
$594Linux 防火牆, 4/e (Linux Firewalls: Enhancing Security with nftables and Beyond, 4/e) -
Microsoft SQL Server 2016 管理實戰$699$552 -
寫給未來社會的新帳本──區塊鏈:人類的新型貨幣、終極信任機器與分散治理革命 (Decoding Global Blockchain and Investment Cases)$380$323 -
iOS 11 程式設計實戰 -- Swift 4 快速上手的開發技巧200+$580$458 -
鳥哥的 Linux 基礎學習訓練教材$480$408 -
Java 入門 邁向高手之路 王者歸來$699$594 -
$1,260Gray Hat Hacking The Ethical Hacker's Handbook, 5/e (Paperback) -
Kali Linux 滲透測試工具|花小錢做資安,你也是防駭高手, 3/e$880$748 -
CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide (Certification Guide) 2nd Edition$2,320$2,204 -
64位元 Debian Linux 作業系統實務 -- Buster 版$580$568 -
$1,320Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide: Begin a successful career in networking with 200-301 CCNA certification (Paperback) -
作業系統, 10/e (授權經銷版)(Silberschatz: Operating System Concepts, 10/e)$910$865 -
駭客們好自為之:CTF 大賽 PWN 奪旗技術大展$1,000$790 -
大師養成起手式:從核心真正了解 Linux 運作原理$880$695 -
Spring REST API 開發與測試指南|使用 Swagger、HATEOAS、JUnit、Mockito、PowerMock、Spring Test$580$493 -
極深入卻極清楚:電腦網路原理從 OSI 實體層到應用層$880$695 -
系統程式設計 (下册)$880$660 -
職安一點通|職業安全管理甲級檢定完勝攻略|2022版$700$553 -
Java SE 17 技術手冊$680$537 -
Certiport ITS Network Security 網路安全管理核心能力國際認證應考攻略$250$198 -
CCNP Security Cisco Secure Firewall and Intrusion Prevention System Official Cert Guide (Hardcover)$2,600$2,548 -
Linux 指令大全:工程師活用命令列技巧的常備工具書 (全新升級版) (The Linux Command Line : A Complete Introduction, 2/e)$780$663 -
電腦網路原理, 6/e (含ITS Networking 網路管理與應用國際認證模擬試題)$360$284
商品描述
A much-needed service for society today. I hope this book reaches information managers in the organization now vulnerable to hacks that are stealing corporate information and even holding it hostage for ransom.
- Ronald W. Hull, author, poet, and former professor and university administrator
A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threats, opportunities, and vulnerabilities risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory constructs and concepts with appropriate reference to standards and the respective guidelines. Normative decision theory attempts to establish a rational framework for choosing between alternative courses of action when the outcomes resulting from the selection are uncertain. Through the methodological application, decision theory techniques can provide objectives determination, interaction assessments, performance estimates, and organizational analysis. A normative model prescribes what should exist according to an assumption or rule.
商品描述(中文翻譯)
一項當今社會急需的服務。我希望這本書能夠觸及那些在組織中面臨駭客攻擊、竊取企業資訊甚至勒索的資訊管理者。
- Ronald W. Hull,作者、詩人、前教授及大學行政人員
一個全面的實體安全計畫透過分層的技術和非技術控制來部署資訊資產保護。控制措施對於抵抗威脅、機會和脆弱性風險是必要的,這樣可以將潛在的不利影響降低到定義的可接受水平。本書在規範決策理論的構建和概念的背景下,提出了一種方法論的方式,並適當參考標準及相關指導方針。規範決策理論試圖建立一個理性的框架,以便在選擇的結果不確定時,選擇不同的行動方案。透過方法論的應用,決策理論技術可以提供目標確定、互動評估、績效估算和組織分析。規範模型規定了根據假設或規則應該存在的內容。
作者簡介
Dr. Robert E. Davis, CISA, CICA unique qualifications encompass over 30 years of internal control practice and scholarship experience. He has provided data security consulting and information systems auditing services to highly regarded government agencies and corporations of various employee sizes. His past teaching experience includes positions with Temple University, Bryant & Stratton College and Cheyney University, as well as presenting various other training sessions and courses.
Dr. Davis has authored articles addressing IT issues for ITAudit Magazine, ISACA Journal, TechTarget, and IT Governance, LTD, as well as a chapter discussing continuous auditing for Bloomsbury Information. Dr. Davis has written workbooks and other instructional material for Boson Software and Pleier Corporation.
作者簡介(中文翻譯)
羅伯特·E·戴維斯博士(Dr. Robert E. Davis),CISA、CICA,擁有超過30年的內部控制實務和學術經驗。他為多家知名政府機構和各種規模的企業提供數據安全諮詢和資訊系統審計服務。他的教學經驗包括在天普大學(Temple University)、布萊恩特與斯特拉頓學院(Bryant & Stratton College)和切尼大學(Cheyney University)任教,以及主持各種其他培訓課程和講座。
戴維斯博士曾為《ITAudit Magazine》、《ISACA Journal》、《TechTarget》和IT Governance, LTD撰寫有關IT議題的文章,並為Bloomsbury Information撰寫了一章有關持續審計的內容。戴維斯博士還為Boson Software和Pleier Corporation撰寫了工作手冊和其他教學材料。
