Information Security Management Principles: An ISEB Certificate

Information Security Management Principles - Second Edition - OFFER

SKU: 2121
Authors: David Alexander, Amanda Finch, David Sutton and Andy Taylor
Publishers: British Computer Society
Format: Softcover
ISBN13: 9781780171753
ISBN10: 1780171757
Pages: 220
Published: 18 Jun 2013
Availability: Available now
This guide from the British Computer Society (BCS) offers clear and comprehensive information on information security management and also supports the BCS Certificate in Information Security Management Principles (CISMP).
Price: 39,95 €



The official textbook for the BCS Certificate in Information Security Management Principles (CISMP) qualification.

Now in its second edition, Information Security Management Principles has been updated to reflect the latest changes in the CISMP syllabus as well as technological developments such as Cloud Computing. The remainder of the contents have been reviewed and reordered to reflect the changes to the BCS CISMP, which the book supports.

Information Security Management Principles focuses on the three main areas of information assurance (confidentiality, integrity and availability) and provides business and IT managers with the skills to identify threats and protect against them.

  • Better understand information threats, vulnerabilities and countermeasures.
  • Manage emerging risks caused by ‘hyper-connectivity’.
  • Learn best practice from experienced authors.
  • Includes security of cloud-based resources.
  • Supports BCS Certification in IS Management Principles. 

Full contents

  1. Information Security Principles
    Concepts and definitions
    The need for, and benefits of, information security
    Pointers for activities in this chapter

  2. Information Risk
    Threats to, and vulnerabilities of, information systems
    Risk management
    Pointers for activities in this chapter

  3. Information Security Framework
    Organisation and responsibilities
    Organisational policy standards and procedures
    Information security governance
    Information security implementation
    Security incident management
    Legal framework
    Security standards and procedures
    Pointers for activities in this chapter

  4. Procedural and People Security Controls
    User Access Controls
    Training and awareness
    Pointers for activities in this chapter

  5. Technical Security Controls
    Protection from malicious software
    Networks and communications
    External services
    Cloud computing
    IT infrastructure
    Pointers for activities in this chapter

  6. Software Development and Life Cycle
    Testing, audit and review
    Systems development and support
    Pointers for activities in this chapter

  7. Physical and Environmental Security
    Learning outcomes
    General controls
    Physical security
    Technical security
    Procedural security
    Protection of equipment
    Processes to handle intruder alerts
    Clear screen and desk policy
    Moving property on and off site
    Procedures for secure disposal
    Security requirements in delivery and loading areas
    Pointers for activities in this chapter

  8. Disaster Recovery and Business Continuity Management
    Learning outcomes
    DR/BCP, risk assessment and impact analysis
    Writing and implementing plans
    Documentation, maintenance and testing
    Links to managed service provision and outsourcing
    Secure off-site storage of vital material
    Involvement of personnel, suppliers and IT systems providers
    Security incident management
    Compliance with standards
    Pointers for the activity in this chapter

  9. Other Technical Aspects
    Investigations and forensics
    Role of cryptography
    Pointers for the activity in this chapter
