Practical Risk Management for the CIO

Product details

  • ISBN 9781439856536
  • Weight: 672g
  • Dimensions: 156 x 234mm
  • Publication Date: 25 Apr 2011
  • Publisher: Taylor & Francis Inc
  • Publication City/Country: US
  • Product Form: Hardback
  • Language: English

The growing complexity of today’s interconnected systems has not only increased the need for improved information security, but also helped to move information from the IT backroom to the executive boardroom as a strategic asset. And, just like the tip of an iceberg is all you see until you run into it, the risks to your information are mostly invisible until disaster strikes.

Detailing procedures to help your team perform better risk assessments and aggregate results into more meaningful metrics, Practical Risk Management for the CIO approaches information risk management through improvements to information management and information security. It provides easy-to-follow guidance on how to effectively manage the flow of information and incorporate both service delivery and reliability.

  • Explains why every CIO should be managing his or her information differently
  • Provides time-tested risk ranking strategies
  • Considers information security strategy standards such as NIST, FISMA, PCI, SP 800, & ISO 17799
  • Supplies steps for managing: information flow, classification, controlled vocabularies, life cycle, and data leakage
  • Describes how to put it all together into a complete information risk management framework

Information is one of your most valuable assets. If you aren’t on the constant lookout for better ways to manage it, your organization will inevitably suffer. Clarifying common misunderstandings about the risks in cyberspace, this book provides the foundation required to make more informed decisions and effectively manage, protect, and deliver information to your organization and its constituents.

Mark Scherling, CISSP, CRM, has been working in IT for over 30 years. For the past four years, he has been managing information security and privacy for the Justice Sector in the Government of British Columbia (Canada). Prior to the Justice Sector, he managed the Information Security Investigations Unit for the entire BC government.

He has designed and implemented public key infrastructure (PKI) and security solutions for numerous clients. He is considered a Subject Matter Expert in Risk Management and Information Security by the Information Systems Audit and Control Association (ISACA). He contributed to the Risk IT Framework and Certification in Risk and Information Systems (CRISC), a new ISACA Certification. He is viewed as a Security and Risk Management Expert by many people within and associated with the Government of British Columbia.

His background includes sales, marketing, and information management. In the mid-1990s, he was instrumental in developing and implementing the Canadian Department of National Defence Intranet or the DIN. He has significant experience in information and knowledge management. He combines this expertise with information protection to create an information risk management strategy for Chief Information Officers (CIOs).

He has been part of the evolution of information technology (IT) from Digital Equipment’s Vaxes and PDP11s to mobile computing, the Internet, and cloud computing. The interconnected world we now live in holds exciting promise to link people, computers, applications, and information. There are risks when we link everything together and share information. Organizations are always trying to reduce costs and improve customer relations. Mark has been involved in information security for over 13 years and has oriented his approach from simple information security to risk management strategies. As the Internet continues to evolve, so evolves information security and risk management.

The reality is that we need better ways of managing risks to our information and services. His approach is more holistic, considering not just liabilities but also service delivery, because information is one of our most important assets.
