A01=Anne Kohnke
A01=Dan Shoemaker
A01=Ken Sigler
Age Group_Uncategorized
Age Group_Uncategorized
audit-based security controls
Author_Anne Kohnke
Author_Dan Shoemaker
Author_Ken Sigler
automatic-update
capability maturity modeling
Category1=Non-Fiction
Category=KJMV3
Category=KJMV5
Category=KJMV8
Category=TBC
Category=UBL
Category=UR
Category=UY
Common Control Providers
COP=United Kingdom
cyber supply chain management
Delivery_Delivery within 10-20 working days
eq_bestseller
eq_business-finance-law
eq_computing
eq_isMigrated=0
eq_isMigrated=2
eq_nobargain
eq_non-fiction
Federal Information Systems
ICT Product
ICT Supply Chain
ICT System
information assurance
Key Process Area
Language_English
Minimum Assurance Requirements
NIST RMF
NIST SP
NIST SP 800-53A
Organization's ICT System
PA=Available
Price_€50 to €100
PS=Active
Reduce Supply Chain Risks
risk analysis methodology
SCRM
SCRM Practice
SCRM Process
secure procurement process framework
Security Assessment Report
Security Control Assessment
Security Control Baseline
Security Control Implementation
Security Control Selection
Security Controls
softlaunch
Supply Chain
Supply Chain Assurance
Supply Chain Organization
Supply Chain Risk
technology acquisition process
Product details
- ISBN 9781138197336
- Weight: 448g
- Dimensions: 156 x 234mm
- Publication Date: 03 Nov 2017
- Publisher: Taylor & Francis Ltd
- Publication City/Country: GB
- Product Form: Paperback
- Language: English
Secure
checkout
Fast Shipping
Easy returns
The book presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161. It covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products. It explains how to establish systematic control over the supply chain and how to build auditable trust into the products and services acquired by the organization. It details a capability maturity development process that will install an increasingly competent process and an attendant set of activities and tasks within the technology acquisition process. It defines a complete and correct set of processes, activities, tasks and monitoring and reporting systems.
Dan Shoemaker, PhD, is principal investigator and senior research scientist at the University of Detroit Mercy’s Center for Cyber Security and Intelligence Studies. Dan has served 30 years as a professor at UDM with 25 of those years as department chair. He served as a co-chair for both the Workforce Training and Education and the Software and Supply Chain Assurance Initiatives for the Department of Homeland Security, and was a subject matter expert for the NICE Workforce Framework 2.0. Dan has coauthored six books in the field of cybersecurity and has authored over one hundred journal publications. Dan earned his PhD from the University of Michigan.
Ken Sigler is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. His primary research is in the areas of software management, software assurance, and cloud computing. He developed the college's CIS program option entitled "Information Technologies for Homeland Security." Until 2007, Ken served as the liaison for the college to the International Cybersecurity Education Coalition (ICSEC), of which he is one of three founding members. Ken is a member of IEEE, the Distributed Management Task Force (DMTF), and the Association for Information Systems (AIS).
Anne Kohnke, PhD, is an assistant professor of IT at Lawrence Technological University and teaches courses in both the information technology and organization development/change management disciplines at the bachelor through doctorate levels. Anne started as an adjunct professor in 2002 and joined the faculty full-time in 2011. Her research focus is in the areas of cybersecurity, risk management, and IT governance. Anne started her IT career in the mid-1980s on a help desk, and over the years developed technical proficiency as a database administrator, network administrator, systems analyst, and technical project manager. After a decade, Anne was promoted to management and worked as an IT Director, Vice President of IT and Chief Information Security Officer (CISO). Anne earned her PhD from Benedictine University.
