IT Innovation

http://www.crcpress.com/product/isbn/9781439820162


Page 12 Page 20

Page 15 Page 6

Page 7Page 7

MBI

T510

MC

_5.1

9.10

bh

Want to maximize your buying power?

Order directly from our online store and

Receive FREE Standard Shipping

with every order, big or small.

Sign up for email alerts.

Stay up to date on our latest resources.

Visit us atwww.crcpress.comto view more information and

complete tables of contents

for these and many other

related books.







3For more information and complete contents, visit www.crcpress.com

New!

Mobile Device SecurityA Comprehensive Guide to Securing Your Information in a Moving WorldStephen FriedPewaukee, Wisconsin, USA

As each generation of portable electronic devices and storage mediabecomes smaller, higher in capacity, and easier to transport, it’s becomingincreasingly difficult to protect the data on these devices while stillenabling their productive use in the workplace. Explaining how mobiledevices can create backdoor security threats, Mobile Device Security: AComprehensive Guide to Securing Your Information in a MovingWorld specifies immediate actions you can take to defend against thesethreats. It begins by introducing and defining the concepts essential tounderstanding the security threats to contemporary mobile devices, andthen takes you through all the policy, process, and technology decisionsthat must be made to create an effective mobile security strategy.

Highlighting the risks inherent when mobilizing data, the text supplies aproven methodology for identifying, analyzing, and evaluating these risks.It examines the various methods used to store and transport mobile dataand illustrates how the security of that data changes as it moves fromplace to place. Addressing the technical, operational, and complianceissues relevant to a comprehensive mobile security policy, the text:• Provides methods for modeling the interaction between mobile

data and mobile devices—detailing the advantages and disadvantages of each

• Explains how to use encryption and access controls to protect your data

• Describes how to layer different technologies to create a resilientmobile data protection program

• Provides examples of effective mobile security policies and discusses the implications of different policy approaches

• Highlights the essential elements of a mobile security business caseand provides examples of the information such proposals shouldcontain

• Reviews the most common mobile device controls and discussesthe options for implementing them in your mobile environment

Securing your mobile data requires the proper balance between security,user acceptance, technology capabilities, and resource commitment.Supplying real-life examples and authoritative guidance, this completeresource walks you through the process of creating an effective mobilesecurity program and provides the understanding required to develop acustomized approach to securing your information.

Catalog no. K11063, June 2010, 296 pp.ISBN: 978-1-4398-2016-2, $69.95 / £44.99


4 SAVE 15% when you order online at www.crcpress.com

New!

ITIL ReleaseManagementA Hands-on GuideDave HowardNational Business TechnologyManager, Toyota FinancialServices, California, USA

When implemented correctly, release manage-ment can help ensure that quality is integratedthroughout the development, implementation,and delivery of services, applications, and infra-structure. This holistic, total cost of ownershipapproach allows for higher levels of system avail-ability, is more cost effective to maintain, andincreases overall stability, maintainability, andreliability.

Filled with practical insights, ITIL ReleaseManagement: A Hands-on Guide clearly illustrates the effective implementation of arelease process in the real world. It examines thesimilarities and differences of release manage-ment and project management and clears upany confusion there might be about the twocomplementary processes. Shedding light onthe day-to-day challenges that need to be over-come to ensure success, it details the how-to’s ofeffective implementation.

Addressing the all-important cultural aspects, itexplains how to sell the benefits of release man-agement to all levels of your organization, howto overcome objections, and how to determineorganizational readiness. This complete resourcealso includes a detailed model for executing arelease management process, as well as numer-ous templates, diagrams, and role and responsi-bility charts to help kick start implementationefforts in your organization. It also explains howto develop effective performance metrics andsupplies helpful examples of effective productiv-ity measures.

Catalog no. K10800, May 2010, 344 pp.ISBN: 978-1-4398-1558-8, $69.95 / £44.99

The Green andVirtual DataCenterGreg SchulzStorageIO Group, Stillwater, Minnesota, USA

“… a concise and visionary perspective on theGreen issues. … A great place to start yourgreen journey and a useful handbook to haveas the journey continues.”

—Greg Brunton, EDS/An HP Company

“ … extremely well organized and easy to fol-low. Each chapter has a very good introductionand comprehensive summary. This book couldeasily serve as a blueprint for organizations tofollow when they look for ideas on how todesign new data centers. It's a great additionto an IT Bookshelf.”

—Dr. Steve Guendert, Global Solutions Architect,Brocade Communications

“… reviews the latest developments in facili-ties, server, storage, networking, and monitor-ing technologies and provides a roadmap ofhow each can be used to create next-genera-tion data centers that combine efficiency withscalability . . . an excellent primer for thosewanting to understand how to create datacenters for this new paradigm.”

–Kurt Marko, in Processor, March 2009, Vol. 31, No. 11

Providing effective strategies for enabling anddeploying environmentally friendly next-genera-tion data centers, this book examines designand implementation tradeoffs using various bestpractices and technologies. It explains how toachieve energy efficient server and storage virtualization that is able to support a diversity ofhigh-performance applications.

Catalog no. AU6669, 2009, 396 pp.ISBN: 978-1-4200-8666-9, $79.95 / £48.99




New Edition of aBestseller!

Official (ISC)2®

Guide to theCISSP® CBK®,Second EditionEdited by

Harold F. TiptonHFT Associates, Villa Park, California, USA

“… ideal not only for information security professionals attempting to achieve CISSP certification but also for those who are tryingto decide which, if any, certification to pursue.Executives and organizational managers whowant a more complete understanding of all theelements that are required in effectively protecting their enterprise will also find thisguide extremely useful.”

—Tony Baratta, CISSP-ISSAP, ISSMP, SSCP, Directorof Professional Programs, (ISC)2

Recognized as one of the best tools available for the information security professional andespecially for those studying for the (ISC)2®

CISSP examination, the second edition of thisbestselling resource has been updated andrevised to reflect the latest developments in thisever-changing field. Endorsed by the (ISC)2, thisbook provides unrivaled preparation for the cer-tification exam that is both up to date andauthoritative. Compiled and reviewed by CISSPsand (ISC)2 members, the text provides anexhaustive review of the 10 current domains ofthe CBK, as well as the high-level topics contained in each domain.

This edition includes a CD-ROM with more than200 sample questions, sample exams, and a fulltest simulation that provides the same numberand types of questions with the same allotmentof time allowed on the actual exam. It evengrades the exam, provides the correct answers,and identifies areas where more study is needed.

Catalog no. K10480, January 2010, 1112 pp.ISBN: 978-1-4398-0959-4, $69.95 / £44.99

Coming Soon!

Official (ISC)2®

Guide to theISSAP® CBK®Edited by

Harold F. TiptonHFT Associates, Villa Park,California, USA

The Information Systems Security ArchitectureProfessional (ISSAP) concentration is fundamen-tally the consultative and analytical process ofinformation security. This book supplies theunderstanding to assure competence of the sixmajor domains of the ISSAP concentration.

With this guide, ISSAP candidates will under-stand the key concepts and requirements withinthe ISSAP CBK. It includes coverage of accesscontrol systems and methodologies, telecom-munications and network security, cryptogra-phy, requirements analysis, business continuityand disaster recovery planning, and physicalsecurity integration. It also:• Follows the newly revised CISSP-ISSAP CBK• Reflects the evolving terminology and

changing emphasis in the security professional’s day-to-day environment

Contents:

Access Control Systems and Methodologies,Sean Price

Cryptography, Alex Golod and Mark MakowskiPhysical Security Integration, Paul BakerRequirements Analysis and Security Standards

and Guidelines Criteria, Robert BatieTechnology-Related Business Continuity

Planning and Disaster Recovery Planning,Kelley Okolita

Telecommunications and Network Security,Gilbert Held

Answers to Sample Questions

Catalog no. K10073, August 2010, c. 500 pp.ISBN: 978-1-4398-0093-5, $79.95 / £49.99




New!

Information SecurityManagement HandbookSixth Edition, Volume 4Edited by

Harold F. TiptonHFT Associates, Villa Park, California, USA

Micki Krause NozakiPacific Life Insurance Company, Newport Beach, California, USA

Every year, in response to advancements in technology and new laws indifferent countries and regions, there are many changes and updates tothe body of knowledge required of IT security professionals. Updatedannually to keep up with the increasingly fast pace of change in the field,the Information Security Management Handbook is the single mostcomprehensive and up-to-date resource on information security andassurance.

Providing an up-to-date compilation of the fundamental skills, techniques,tools, and understanding required of IT security professionals, theInformation Security Management Handbook, Sixth Edition, Volume 4 reflects the latest changes to information security and theCISSP® Common Body of Knowledge (CBK®). This edition updates thebenchmark Volume 1(also available on crcpress.com) with a wealth ofnew information on mobile device security, adaptive threat defense, Web2.0, virtualization, data leakage, and governance. New material alsoaddresses risk management, business continuity planning, disaster recovery planning, and cryptography.

As the risks that threaten the security of our systems continue to evolve, itis imperative that those charged with protecting that information stayahead of the curve. This comprehensive resource provides the up-to-dateunderstanding required to keep you abreast of the latest developments,new vulnerabilities, and possible threats.


Information Security Management Handbook2010 CD-ROM Edition

Containing the complete contents of Volumes 1, 2, 3, and this year’sVolume 4, the Information Security Management Handbook, 2010CD-ROM Edition is an authoritative resource that is linked, searchable bykeyword, and organized under the CBK® domains. In addition to the complete contents of the 6,000 page set, the CD-ROM includes an extravolume's worth of information—including chapters from other securityand networking books that have never appeared in the print editions.

Catalog no. K10967, June 2010, CD-ROMISBN: 978-1-4398-1841-1, $199.95 / £127.00



New!

HealthcareInformaticsImproving Efficiencyand ProductivityEdited by

Stephan P. KudybaNew Jersey Institute of Technology,Newark, USA

“We owe it to ourselves and future generationsto do all we can to make our healthcare systems work smarter, be more effective, andreach more people. The power to know is atour fingertips; we need only embrace it.”

—From the Foreword, James H. Goodnight, PhD,CEO, SAS

Examining the complexities involved in manag-ing resources in our healthcare system, this bookexplains how management theory and infor-matics applications can increase efficiencies invarious functional areas of healthcare services.Delving into data, project management, andadvanced analytics, it details and provides sup-porting evidence for the strategic concepts thatare critical to achieving successful healthcareinformation technology, information manage-ment, and electronic health record applications.

Bridging the gap from theory to practice, thebook discusses actual informatics applicationsthat have been incorporated by various health-care organizations and the corresponding man-agement strategies that led to their successfulemployment. Offering a wealth of detail, itdetails several working projects, including acomputer physician order entry system, an E-commerce self-service patient check-in, aninformatics project that turned a healthcare system’s paper-based resources into digitalassets, and a healthcare system’s use of algo-rithms to identify patients at risk for hepatitis.

Catalog no. K10489, April 2010, 279 pp.ISBN: 978-1-4398-0978-5, $79.95 / £49.99

New!

GIS in Hospitaland HealthcareEmergencyManagementRic Skinner, GISPThe Stonybrook Group, LLC,Sturbridge, Massachusetts, USA

“Ric Skinner has pulled together leaders andscientists from an incredible cross-section ofthose who are truly involved in the prepara-tions for, and responses to, emergencies. Theseauthors—leaders in their fields—have man-aged to explain a comprehensive range anddepth of information that will prove to be critical to an organization that wants toensure success in their planning and response.”

—R. Tom Sizemore III, MD, Principal DeputyDirector, Office of Preparedness & Emergency

Operations, U. S. Department of Health & Human Services

“... authoritative and comprehensive, coveringall areas of emergency management involvingGIS and related technologies, in a readableand accessible manner.”

—Omar A. Khan, MD MHS FAAFP, University ofVermont College of Medicine & American Public

Health Association (APHA)

“This book should be required reading for everyemergency manager. The writing style isengaging and the subject matter draws you in… . If you start reading this book with a neo-phyte’s view of GIS, you will walk away with anintense collection of real-world knowledge.”

—Hal Newman, Managing Partner, TEMS

“... an excellent guide to the future of health-care emergency management.”

—James M. Rush, Chief Operating Officer, JVR Health Readiness Inc.





New!

ProjectManagementTools andTechniques forSuccessChristine B. TayntorIndependent Consultant,Wyoming, USA

This book provides an accessible introduction to project management fundamentals.Highlighting approaches for avoiding commonpitfalls, it begins with an introduction to projectmanagement that compares and contrasts thestages of poor management with those of effec-tive management.

Because change is inherent in virtually all projects, the text outlines the human effects ofchange and suggests ways to mitigate theseeffects. It addresses team dynamics, sourcingalternatives, motivating the team, managingexpectations, assessing risk, and defining andprioritizing project requirements. The booktranslates difficult concepts into practical appli-cations with an entertaining and informativecase study that examines the merger of twocompanies and the subsequent development ofa new corporate headquarters.

By adding a layer of statistical methods and toolsto the front-end of a project, Design for SixSigma (DFSS) augments standard Six Sigmaprocesses to help ensure project results meetcustomers' needs and that delays caused by newrequirements or rework after implementationare eliminated or reduced. This book explainshow to effectively incorporate DFSS tools toreduce the possibility of failure in your next project.


New!

Essential ProjectManagementSkillsKerry WillsSouthington, Connecticut, USA

Reflecting the changing landscape of today’sprojects, Essential Project Management Skillsempowers project managers to master the skillsnecessary to succeed in the current environ-ment. Enhanced with tables and diagrams, thebook begins by introducing the concepts relat-ed to the changing project landscape and theirimpact on projects. It then delves into the detailsof several trends within the project landscape,describes the challenges created by these trendsfor project managers, and provides illuminatingcase studies that elucidate each trend and itsimpact.

Next, the book outlines the skills required to besuccessful in this new environment and offerstechniques that can be applied to fully masterthem. Each of these skills is aligned with a casestudy in which the skills and techniques are usedand the outcomes discussed.

Finally, the book ties together the evolution ofthe project landscape, the challenges posed,and the new skills required to manage projectssuccessfully in today’s environment. It alsoincludes a checklist of the skills and techniques inthe context of different project scenarios.


Order directly from our online store andReceive FREE Standard Shippingwith every order, big or small.




New!

ProjectManagementTheory andPracticeGary L. RichardsonUniversity of Houston, Texas, USA

Although there are numerous project manage-ment resources available, most are either tooacademic, focus too heavily on IT, or provide sil-ver-bullet, quick-fix advice without the theoryrequired to understand why the solutions work.Following and expanding on PMI’s ProjectManagement Body of Knowledge (PMBOK®),this text provides a complete and accessibleoverview of project management theory.

This classroom-tested resource translates theabstract model vocabulary and processes from A Guide to the Project Management Body ofKnowledge (PMBOK® Guide), Fourth Edition intoaccessible discussions complete with contempo-rary views and projections for the future. It inte-grates the organizational environment that surrounds a project to supply readers with thewell-rounded knowledge of theories, organiza-tional issues, and human behavior needed toeffectively manage real-world projects.

The author details numerous project-relatedframeworks, including enterprise project management, project portfolio management,work breakdown structures, earned value man-agement, professional responsibility, and projectteam productivity. Filled with numerous end-of-chapter questions, scheduling and budgetingproblems, scoping projects, and sample work-sheets that illustrate various analytical tools andmanagement decisions, this is the ideal resourcefor anyone seeking project management certifi-cation.


New!

The ProjectManager'sCommunicationToolkitShankar Jha

" … a valuable resource for program and project managers at all levels and all indus-tries. Shankar very successfully managed very large and complex projects for my organization utilizing many of these tools and techniques."

—Nancy Couture, V. P. Enterprise Intelligence,Ingenix

Addressing the difficulties involved in day-to-dayproject management communication, TheProject Manager’s Communication Toolkitprovides proven methods for creating effectivecommunications—including text-based plans,reports, messages, and presentations. Using language that is easy to understand, it examinesthe many tools available and defines their proper use and application.

The author explains how to determine the mosteffective communication tools for specific needs.Numerous real-world examples illustrate how togain control over project parameters, how toovercome conflict, and how to create effectiveproject plans, charters, and statements of work.

Complete with case studies, this book suppliesthe knowledge required to harness the power of everyday communication tools for project success. Arming readers with the practicalunderstanding to select the right tools, this valuable resource also supplies the insight need-ed to use those tools effectively in a wide rangeof real-world situations.

Catalog no. K10497, March 2010, 200 pp.ISBN: 978-1-4398-0995-2, $59.95 / £38.99




Bestseller!

The CompleteProjectManagementOffice HandbookSecond EditionGerard M. HillPrincipal, Hill Consulting Group,Woodbridge, Virginia, USA

The second edition of this bestselling referenceextends the concepts and considerations ofmodern project management into the realm ofproject management oversight, control, andsupport. Recognizing the need for a centralizedorganizational entity—the project managementoffice (PMO)—to perform in this capacity, thisbook considers five stages of PMO along a competency continuum, establishing the depthof its functional responsibility.

Addressing a wide range of topics, the bookconsiders methodology development, resourcemanagement, vendor management, and project portfolio management. It also:• Includes twenty functional models that can

be used to guide the deliberation anddevelopment of PMO operational capability

• Illustrates how modern project management processes can be aligned with the organization’s business interests

• Describes the depth of PMO responsibilityneeded to meet the unique oversight, control, and support requirements of every organization

• Supplies authoritative guidance on establishing and managing a small PMO

CONTENTS:

Practice Management. Infrastructure Management.Resource Integration. Technical Support. BusinessAlignment.


A Standard forEnterpriseProjectManagementMichael S. ZambruskiTBA&P, LLC, Cheshire, Connecticut, USA

Providing structured yet adaptable models ofproject success within an organization, AStandard for Enterprise Project Managementexplains each of the basic elements needed forproject success and integrates them into a bal-anced life-cycle continuum. It also supplies prac-tical policies, procedures, techniques, and tem-plates for consistent management of projects.

The book first discusses project authorizationand initiation, followed by analysis and planning. It then covers execution, control, andclosure. Each phase contains an explanation and an illustration of how to optimize success.Throughout the text, the author refers tonumerous appendices that constitute blank andcompleted templates. He provides details onhow to use these tools, with an emphasis on balancing the benefits of standardization andthe need for flexibility.

The accompanying CD-ROM encompasses acolor version of the book with four bonus features: • Quick start with Project 2003 that offers a

one-page tutorial and three pages of screenprints

• Complex project readiness grid that suggests how to manage intricate interrelationships in a project or programenvironment

• Project management competency development grid that outlines a programfor developing key skills among projectmanagers within an organization

• Traceability matrix that illustrates how various levels of requirements and finalsolutions are interrelated

Catalog no. AU7245, 2009, 128 pp., Soft CoverISBN: 978-1-4200-7245-7, $83.95 / £52.99




New!

The CompleteProjectManagementMethodologyand ToolkitGerard M. HillPrincipal, Hill Consulting Group,Woodbridge, Virginia, USA

Written by one of the nation’s most highlyregarded project management mentors, thisbook delineates a "business-relevant" methodol-ogy that can be introduced across differentindustries and business environments. Itdescribes the ProjectPRISM™ ProjectManagement Methodology, an innovative,matrix-based approach to conducting projectmanagement that introduces relevant concepts,practices, and tools in an effective project man-agement solution.

Aligned with common business practices,Gerard Hill’s method demonstrates how todevelop project plans, keep on schedule, man-age budgets, maintain areas of responsibility,and evaluate a project’s progress from conceptto completion. The text offers insight for cus-tomizing the methodology to meet the uniqueneeds of individual organizations. It also: • Includes a companion CD-ROM with a

complete methodology package: ProcessGuide, Practice Guide, and a ready-to–use96-tool Process Toolkit

• Aligns project management with commonbusiness practices that already exist inmany business organizations

• Offers detailed process and practice guidance for completing the essential activities of project management


New!

PMP® ExamPractice Test and Study Guide, Eighth EditionEdited by

J. LeRoy WardESI International, Arlington,Virginia, USA ESI International,Arlington, Virginia, USA

Well-trained project management professionalsare highly sought after in today's competitiveglobal business environment—making theProject Management Professional® (PMP) certifi-cation one of the most sought after certifica-tions. Offered by the Project ManagementInstitute, the PMP® Exam is quite intensive andcommands advanced knowledge of and experi-ence with project management concepts.

Rigorous and authoritative, the PMP Exam:Practice Test and Study Guide, Eighth Editionis an essential resource that can help increaseyour chances of passing the PMP certificationexam the first time. This new spiral-bound edition:• Includes 40 multiple-choice practice

questions in each of nine knowledge areas and in the professional and social responsibilities domain

• Presents a composite 200-question practicetest that simulates the actual exam

• Contains fully referenced answers keyed tothe five project management processgroups

• Supplies a complete bibliography and astudy matrix to help readers key in on specific areas where further study is needed

Catalog no. N10241, January 2010, Soft CoverISBN: 978-1-890367-52-7, $59.95 / £38.99

Order directly from our online store andReceive FREE Standard Shippingwith every order, big or small.




New!

CloudComputingImplementation,Management, andSecurityJohn W. RittinghouseHypersecurity LLC, Houston, Texas, USA

James F. RansomeCisco Systems, Santa Clara, California, USA

Providing a clear understanding of what cloudcomputing really means, this book supplies theknowledge needed to make educated decisionsregarding cloud initiatives. It examines theadvantages and disadvantages and exploreshow it could become disruptive in the future.The authors first discuss the evolution of com-puting, focusing primarily on advances that ledto the development of cloud computing.

Next, they survey the critical components nec-essary to make the cloud computing paradigmfeasible. They present various standards basedon the use and implementation issues surround-ing cloud computing and describe the infra-structure management that is maintained bycloud computing service providers. The bookconcludes by examining the successes of severalcloud computing vendors and how theirachievements have helped to shape cloud computing.

Arming readers with guidance essential to making smart, strategic decisions on cloud initiatives, this book:• Describes different types of cloud services • Illustrates how to build a cloud network • Presents common standards for application

development, messaging, and security • Covers the legal and philosophical issues

that must be addressed to ensure protec-tion of user data and mitigate corporate liability


New!

CloudComputingTechnologies andStrategies of theUbiquitous DataCenterBrian J.S. CheeUniversity of Hawaii, Honolulu, USA

Curtis Franklin Jr.Gainesville, Florida, USA

Examining cloud computing from an IT manag-er’s perspective, this book answers basic andstrategic questions about cloud computing. Thefirst section covers the computing roots thathave evolved into cloud computing. It looks athow IT has traditionally serviced needs and howcloud computing improves and expands onthese services. Next, it shows how to begin theprocess of determining which organizationalneeds would best be served and improved bycloud computing.

The text supplies specific cases as examples towalk you through issues that your organizationmight likely encounter. It also:• Introduces the concepts behind different

types of clouds, including those used forstorage, those that improve processor andapplication delivery, and those that mix anyand all of these services

• Covers typical concerns you will hearregarding such issues as security, applica-tion integration, and structural limitations

• Looks at the future of cloud, from develop-ments right on the horizon to those still inthe planning stage

By the book’s conclusion, you will have a solidbasis on which to initiate strategic discussionsabout deploying cloud computing in yourorganization. You will understand how it canaffordably solve real problems, you will knowwhich strategies to use, and will become awareof the pitfalls to avoid.





VMware ESXEssentials in the Virtual DataCenterDavid MarshallHyper9, Austin, Texas, USA

Stephen S. BeaverFlorida Hospital, Altamonte, USA

Jason W. McCartyEquifax, Baton Rouge, Louisiana, USA

Flexible and efficient, VMware ESX is the tool ofchoice for enterprise data centers looking tomake the most of the latest virtualization meth-ods. Written by pioneers and established expertsin the field of virtualization with years of hands-on experience, this book details the product andoutlines innovative ways to use virtualizationwithin the organization. With novel solutions forevery level of the IT chain, this text is a completeguide to the design, operation, and manage-ment of the ESX product.

Featuring technical information, best practices,and technology breakdowns needed to answerreal business challenges, this succinct volume:• Shows how to install ESX, either manually

or using an automated method, detailingthe various key performance optimizationsthat can make installation more efficient

• Describes ways to further automate andenhance the ESX environment and make itmore extensible with APIs, SDKs, program-ming extensions, and VirtualCenter plug-ins

• Explains the latest ESX features • Details the architecture and background of

ESX through the use of diagrams

This text covers VMware VI3, the most widelydistributed server virtualization product on themarket, from 3.0 to 3.5, and the most recentlyannounced embedded version of ESXi. It willenable IT organizations to save hardware costsand make server deployments, provisioning,and management more efficient.


EnterpriseArchitecture A to ZFrameworks, BusinessProcess Modeling,SOA, andInfrastructureTechnologyDaniel MinoliSES Americom, Princeton, New Jersey, USA

Examining cost-saving trends in architectureplanning, administration, and management,this book begins by evaluating the role ofEnterprise Architecture Planning and Service-Oriented Architecture modeling. It provides anextensive review of the most widely deployedarchitecture framework models, and includesdiscussions on The Open Group ArchitectureFramework and the Zachman ArchitecturalFramework, formal architecture standards, aswell as all four layers of the business information,solution, and technology architecture models.

The first part of the text focuses on the upperlayers of the architecture framework, while thesecond part focuses on the technology architec-ture. In this second section, the author presentsan assessment of storage technologies and networking and addresses regulatory and security issues. Additional coverage includeshigh-speed communication mechanisms suchas Ethernet, WAN and Internet communicationtechnologies, broadband communications, andchargeback models.

CONTENTS:

Enterprise Architecture and Technology: Trends,Goals, Roles, and Mechanisms. The Open GroupArchitectural Framework. The ZachmanArchitectural Framework. Official Standards.Tools. Business Process Modeling. ArchitectureFulfillment via Service-Oriented ArchitectureModeling. Evolving SAN, GbE/10GbE, andMetro Ethernet Technologies. EvolvingMAN/WAN Technologies. Networking in SOAEnvironments. Server/Storage Virtualization andGrid Computing for Commercial EnterpriseEnvironments.





New!

Thin AirHow WirelessTechnology SupportsLean InitiativesDann Anthony MaurnoSalem, Massachusetts, USA

Louis SiricoSan Jose, California, USA

“A must read for executives looking to optimizeperformance while automating traceability in outsourced supplier networks.”

—Raj Saksena, President and CEO, Omnitrol Networks Inc.

“Thin Air clearly explains how wireless solutionscan offer sophisticated asset managementapplications, impact patient flow, and increasestaff efficiency thereby playing a major role inhelping healthcare administrators improve efficiency, streamline operations, and ultimate-ly help caregivers in their primary mission ofproviding quality patient care.

—Jason Howe, CEO, Awarepoint

This book proposes practices and paradigms forvirtually seamlessly integration of Lean’s cultureof continuous process improvement with wire-less technology. It discusses the application of awide range of wireless technologies, includingWi-Fi, RFID, wireless sensor networks, real-timelocation systems, and global positioning systems. It addresses the modernization of infrastructure, elimination of costly hardwareand redundant equipment, the facilitation of e-Kanban, and the provision of real-time visibili-ty into any operation. This compete resourceincludes access to a Lean Wireless ROI Calculatoryou can use to calculate estimated savings inlabor and excess capacity at your company.

CONTENTS:

The Confusion of the Tongues. Lean Wireless isAlready Here. Why Now? Lean Wireless and theCosts of Doing Business. The Lean WirelessMissions. The Democratic Frontiers of LeanWireless. Afterword: Lean Wireless 2015.Appendices: Lean Glossary. Wireless Glossary.Standards Used in Wireless Enterprises. LeanWireless ROI.


New!

Fundamentals of EMS, NMS and OSS/BSSJithesh SathyanInfosys Technologies Limited,Bangalore, India

Supplying an end-to-endunderstanding of telecommanagement layers, Fundamentals of EMS,NMS and OSS/BSS is a complete guide to telecom resource and service managementbasics. Divided into four sections: ElementManagement System, Network ManagementSystem, Operation/Business Support Systems,and Implementation Guidelines, the bookexamines standards, best practices, and theindustries developing these systems. Each section starts with basics, details how the systemfits into the telecom management framework,and concludes by introducing more complexconcepts.

From the initial efforts in managing elements tothe latest management standards, the text:

• Covers the basics of network management,including legacy systems, managementprotocols, standards, and popular products

• Deals with OSS/BSS—covering processes,applications, and interfaces in theservice/business management layers

• Supplies implementation guidelines fordeveloping customized management solutions

The book includes chapters devoted to popularmarket products and supplies case studies thatillustrate real-life implementations as well as theinteraction between management layers.Complete with implementation guidelines,detailed references, and lists of web resources tokeep you current, this valuable resource suppliesyou with the fundamental understanding and the tools required to begin developing telecom management solutions tailored to yourcustomer’s needs.

Catalog no. AU8573, June 2010, 576 pp.ISBN: 978-1-4200-8573-0, $89.95 / £54.99




New!

InformationSecurityManagementConcepts and PracticeBel G. RaggadPace University, Pleasantville, New York, USA

Although the international community has beenaggressively engaged in developing securitystandards for network and information securityworldwide, there are few textbooks availablethat provide clear guidance on how to properlyapply the new standards in conducting securityaudits and creating risk-driven information security programs.

An authoritative and practical classroomresource, this book provides a general overviewof security auditing before examining the vari-ous elements of the information security lifecycle. It explains the ISO 17799 standard andwalks readers through the steps of conducting anominal security audit that conforms to thestandard. The text also provides detailed guidance for conducting an in-depth technicalsecurity audit leading to certification against the27001 standard. Topics addressed include cybersecurity, security risk assessments, privacy rights, HIPAA, SOX, intrusion detection systems,security testing activities, cyber terrorism, andvulnerability assessments.

This text is filled with review questions, work-shops, and real-world examples that illustrateeffective implementation and security auditingmethodologies. It also includes a detailedmethodology readers can use to devise andimplement effective risk-driven security pro-grams that touch all phases of a computingenvironment, including the sequential stagesneeded to maintain IS management systemsthat conform to the latest ISO standards.

Catalog no. AU7854, January 2010, 871 pp.ISBN: 978-1-4200-7854-1, $79.95 / £49.99

New!

InformationSecurity RiskAnalysisThird EditionThomas R. PeltierThomas R. Peltier Associates,Wyandotte, Michigan, USA

Successful security professionals have had tomodify the process of responding to new threatsin today’s high-profile, ultra-connected businessenvironment. But just because a threat existsdoesn’t mean your organization is at risk.Information Security Risk Analysis, ThirdEdition demonstrates how to identify threatsyour company faces and determine if thosethreats pose a real risk to your organization.

Authored by a renowned security expert andcertification instructor, this authoritative refer-ence provides you with the knowledge and theskill-sets needed to achieve a highly effective riskanalysis assessment in less than one week.Supplemented with online access to sampleforms, controls, policies, letters, and spread-sheets, this one-stop, how-to resource: • Reviews risk analysis, risk assessment, and

vulnerability assessments • Introduces System Development Life Cycle

and Business Process Life Cycle , and inte-grates risk analysis and assessment intothese processes

• Discusses the need to develop a standardset of controls, and details how to applyregulations such as GLBA, HIPPA, SOX, and ISO 17799

• Explains how to use qualitative risk assessment concepts and FRAAP to conduct business impact analyses anddetermine information classification requirements

Catalog no. K11810, March 2010, 456 pp.ISBN: 978-1-4398-3956-0, $79.95 / £49.99




Bestseller!

The SecurityRisk AssessmentHandbookA Complete Guide forPerforming SecurityRisk AssessmentsDouglas J. LandollEn Pointe Technologies, Austin, Texas, USA

This comprehensive manual provides detailedinsight into precisely how to conduct an informa-tion security risk assessment from a practicalpoint of view. Designed for security professionalswho want a more in-depth understanding of therisk assessment process, this volume containsreal-world advice that promotes professionaldevelopment and experience. It also enablessecurity consumers to better negotiate the scopeand rigor of a security assessment, effectivelyinterface with a security assessment team, deliverinsightful comments on a draft report, and havea greater understanding of final report recom-mendations. The book offers charts, checklists,examples, and templates that speed up datagathering, analysis, and document develop-ment. It also:• Explains how to conduct an effective infor-

mation security risk assessment • Contains real examples, step-by-step

descriptions, checklists, decision techniques, and other helpful tricks of the trade

• Explores administrative, technical, andphysical data gathering, including theRIIOT Method

• Covers security risk analysis and mitigationand security risk assessment reporting

• Describes the steps of project managementassessment, including planning, tracking,correcting, reporting, and wrap-up

• Examines various risk assessment tools andmethods, and compares quantitative vs.qualitative analysis


Bestseller!

Complete Guideto Security andPrivacy MetricsMeasuring RegulatoryCompliance,OperationalResilience, and ROIDebra S. HerrmannU.S. Nuclear Regulatory Commission, Washington, D.C., USA

“Provides valuable directions on how measure-ment works and what goes into producing auseful metric. … when faced with the necessityof developing a metrics program to measurethe effectiveness of some aspect of your securi-ty efforts, this rather imposing tome is one Iwould recommend as a way to jumpstart yourefforts. The master table in the introductionprovides a quick guide to the particular sectionmost relevant to the reader’s need …”

— Richard Austin, in IEEE Cipher

“… a useful reference for individuals who mustmeet the challenge of selecting good metrics.”

—Cheryl Washington, Information Security Officer,California State University, in Educause Quarterly

This book defines more than 900 metrics thatmeasure compliance with legislation, resiliencyof security controls, and return on investment. Itclearly explains what needs to be measured,how to measure it, and how to tie security andprivacy metrics to business goals and objectives.The metrics provided are scaled by informationsensitivity, asset criticality, and risk; aligned tocorrespond with different lateral and hierarchicalfunctions; designed with flexible measurementboundaries; and can be implemented individu-ally or in combination. The text includes awealth of examples and sample reports.





Bestseller!

InformationTechnologyControl andAuditThird EditionSandra Senft andFrederick Gallegos California State PolytechnicUniversity, Pomona, USA

Praise for the Previous Edition:

“…very useful for beginners as well as practi-tioners …well written and presented. ... shouldprovide resiliency to IT security in the emergingcyberworld.”

— Information Systems Control Journal

Now in its third edition, this updated andrevised edition of a bestseller is an excellentintroductory reference to IT governance, controls, and auditing. It reviews pertinent legis-lation; discusses the future of auditing in the21st century; and examines governance, strate-gy and standards, and acquisition and imple-mentation. In a section on delivery and support,it explores service management, service conti-nuity, systems management, and operationsmanagement. Finally, the authors reviewadvanced topics such as virtual environment,virtual security, e-commerce, and enterpriseresource planning. This new edition includesguidelines for preparing for the CISA Exam, andincludes numerous illustrations..

New in the Third Edition:

• Reorganized and expanded to align withCobiT objectives

• Supports study for both the CISA andCGEIT exams

• Includes chapters on IT financial and sourcing management

• Adds a section on Delivery and Supportcontrol objectives

• Includes additional content on audit andcontrol of outsourcing, change manage-ment, risk management, and compliance


Cyber FraudTactics, Techniques,and ProceduresRick HowardVerisign iDefense SecurityIntelligence Services, Dulles,Virginia, USA

This book documentschanges in the culture ofcyber criminals andexplores the innovations that have resulted fromthose changes. Copiously illustrated, it exploresthe threats present in the cyber fraud under-ground. It discusses phishing and pharming, tro-jans and toolkits, direct threats, pump-and-dump scams, and other fraud-related activitiesof the booming cyber-underground economy.

By examining the geopolitical and socio-eco-nomic foundations of a cyber threat landscape,the book examines telecommunications infra-structure development, patterns and trends ofinternet adoption and use, profiles of specificmalicious actors, threat types, and trends inthese areas. This eye-opening work includes avariety of case studies―including the cyberthreat landscape in Russia and Brazil. An in-depth discussion is provided on the RussianBusiness Network’s role in global cyber crime aswell as evidence on how these criminals steal,package, buy, sell, and profit from consumers’personal financial information. The text also:• Examines economic vulnerability models

and analyzes how they can affect vendors,end users, and vulnerability researchers

• Outlines a conceptual model of the structures, functions, and roles of actorsand organizations within the cyber crimeunderground

• Addresses the maturity of malcode communication and the preventative measures organizations can take

• Outlines countermeasure expenditures thatshould be considered by organizations





New!

Process-CentricArchitecture for EnterpriseSoftwareSystemsParameswaran SeshanInfosys, Bangelore, India

The increasing adoption of Business ProcessManagement (BPM) has inspired pioneeringsoftware architects and developers to effectivelyleverage BPM-based software and process-cen-tric architecture (PCA) to create software sys-tems that enable essential business processes.Reflecting this emerging trend, this book pro-vides a complete and accessible introductionexplaining this architecture.

The text details the analysis and design princi-ples used in process-centric architecture anddemonstrates how to architect and designenterprise systems based on business processescentral to your organization. It covers the archi-tectural aspects of business process manage-ment, the evolution of IT systems in enterprises,the importance of a business process focus, therole of workflows, business rules, enterpriseapplication integration, and business processmodeling languages such as WS-BPEL andBPML. It also investigates: • Fundamental concepts of process-centric

architecture style• The PCA approach to architecting

enterprise IT systems• Business process driven applications and

integration• Two case studies that illustrate how to

architect and design enterprise applicationsbased on PCA

• SOA in the context of process-centric architecture

• Standards, technologies, and infrastructurebehind PCA

Explaining how to architect enterprise systemsusing a BPMS technology platform, J2EE com-ponents, and Web services, this forward-lookingbook will empower you to create systems cen-tered on business processes and make today’senterprise processes successful and agile.


New!

Product ReleasePlanningMethods, Tools andApplicationsGunther RuheUniversity of Calgary, Alberta, Canada

Authored by renownedexpert Günther Ruhe, this book presents meth-ods and tools for applying sound planning toproduct development and product manage-ment. It covers the different aspects of support-ing product release decisions, including founda-tions, methods, tools, and applications. It pro-vides a guided tour through the methodologyand use of release planning, from technologyand market needs to product planning anddevelopment projects.

The book studies three fundamental classes ofproblems: prioritization of features, productrelease planning on a strategic level (roadmap-ping), and release planning on an operationallevel (staffing). It presents and discusses toolsupport for all the methods covered. Completewith case studies and application scenarios thatillustrate the proposed methods, the text sup-plies trial accounts for the two most importantdecision tools for prioritization and productrelease planning. It also:• Defines release planning, highlights its

importance, and dispels misconceptionsabout it

• Presents in-depth modeling options related to business, resource, risk, and technological constraints

• Provides a highly flexible, customizablemethod for conducting systematic releaseplanning

• Explains how to start the process of product release planning

• Covers release planning software such asVeryBestChoiceLight, ReleasePlanner™, andRASORP and includes public logins to twoweb-based tools

Catalog no. 2620, June 2010, 339 pp.ISBN: 978-0-8493-2620-2, $89.95 / £57.99




New!

Basics of ProcessMappingSecond EditionRobert Damelio

The bestselling first editionof this influential resourcehas been incorporated intothe curriculum at forwardthinking colleges and universities, a leadingvocational technical institute, many in-housecorporate continuous improvement approach-es, including Six Sigma, and the United Nations’headquarters in New York.

Providing a complete and accessible introduc-tion to process maps, The Basics of ProcessMapping, Second Edition raises the bar onwhat constitutes the basics. Thoroughly revisedand updated, it explains how relationship maps,cross-functional process maps (swimlane dia-grams), and flowcharts can be used as a set toprovide different views of work.

New in the Second Edition: • Four new chapters and 75 new graphics • An introduction to the concepts of flow

and waste and how both appear in knowl-edge work or business processes

• A set of measures for flow and waste • A discussion of problematic features of

knowledge work and business processesthat act as barriers to flow

• Seven principles and 29 guidelines forimproving the flow of knowledge work

• A detailed case study that shows how oneorganization applied the principles andguidelines in order to reduce lead timefrom an average of 28 days to 4 days

Unlike "tool books" or "pocket guides" that focuson discrete tools in isolation, this text uses a sin-gle comprehensive service work example thatintegrates all three maps, and illustrates theinsights they provide when applied as a set. Itcontains how-to procedures for creating eachtype of map, and includes clear-cut guidance fordetermining when each type of map is mostappropriate. The well-rounded understandingprovided in these pages will allow readers tomake work visible at the organization, process,and job/performer levels.

Catalog no. PP7376, June 2010, 156 pp., Soft CoverISBN: 978-1-56327-376-6, $15.00 / £9.99

New!

ProcessImprovementand CMMI® forSystems andSoftwareRon KenettKPA, Ltd., Raanana, Israel

Emanuel BakerProcess Strategies, Inc., Los Angeles, California, USA

Unveiling the state of the art in strategic plan-ning and process improvement, this practicalresource provides a workable approach forachieving cost-effective process improvementsfor systems and software. Focusing on planning,implementation, and management in systemand software processes, it supplies a briefoverview of basic strategic planning models—covering fundamental concepts and approachesfor system and software measurement, testing,and improvements.

The authors, among the first to introduce quali-ty management to the software developmentprocesses, introduce CMMI® and various othersoftware and systems process models. They supply an easy-to-follow methodology for evaluating the status of development and main-tenance processes and for determining thereturn on investment for process improvements.

The text examines beta testing and various testing and usability programs. It highlightsexamples of useful metrics for monitoringprocess improvement projects and explains howto establish baselines against which to measureachieved improvements. It also covers:

• Strategy and basics of quality and processimprovement

• Assessment and measurement in systemsand software

• Improvements and testing of systems andsoftware

• Managing and reporting data

The book concludes with a realistic case studythat illustrates how the process improvementeffort is structured and brings together themethods, tools, and techniques discussed.

Catalog no. AU6050, March 2010, 435 pp.ISBN: 978-1-4200-6050-8, $69.95 / £44.99




Third Edition of a Bestseller!

Software Testingand ContinuousQualityImprovementThird EditionWilliam E. LewisPresident and CEO, Smartware Technologies Inc., Plano, Texas, USA

To aid you in creating meaningful test cases forsystems with evolving requirements, the thirdedition of this bestselling reference provides acontinuous quality framework for the softwaretesting process within traditionally structuredand unstructured environments. Completelyrevised, it provides a comprehensive look at software testing as part of the project manage-ment process—emphasizing testing and qualitygoals early on in development.

Building on the success of previous editions, thetext explains testing in a Service OrientatedArchitecture environment, the building blocks ofa Testing Center of Excellence, and how to testin an agile development environment. Fullyupdated, the sections on test effort estimationprovide greater emphasis on testing metrics.The book examines all aspects of functional test-ing and looks at the relation between changingbusiness strategies and changes to applicationsin development. It also includes new chapterson process, application, and organizational metrics.

All IT organizations face software testing issues,but most are unprepared to manage them. This enhanced edition includes a listing of freesoftware tools as well as a question-and-answerchecklist for choosing the best tools for yourorganization.


ArchitectingSoftwareIntensiveSystemsA Practitioner’s GuideAnthony J. LattanzeCarnegie Mellon University,Pittsburgh, Pennsylvania, USA

Architectural design is a cru-cial first step in developing complex softwareintensive systems. Early design decisions estab-lish the structures necessary for achieving broadsystemic properties. However, today’s organiza-tions lack synergy between their software devel-opment processes and technological method-ologies. Providing thorough treatment of theoryand best practices, this book explains:• How and when to design architectures • How to weave architecture design process-

es into existing development processes • What to do with architecture design

artifacts once created

The first section establishes key concepts inarchitectural design for software intensive systems, including architectural drivers andstructures. The book then goes on to describethe industry-tested Architecture Centric DesignMethod. Each stage of the method is clearlyexplained and the book provides all of the supporting templates and checklists. The lastsection discusses practical matters, includinghow to adopt disciplined architectural designpractices into existing organizational develop-ment processes.

With the principled understanding of designprovided, architects can temper their visceralinstinct to react and be better prepared toaddress a broader range of design problems,regardless of business context or their domainexperience.





RequirementsEngineering forSoftware andSystemsPhillip A. LaplanteThe Pennsylvania State University,Malvern, USA

“… this text provides areview of the theoreticaland practical aspects of discovering, analyz-ing, modeling, validating, testing, and writingrequirements for systems of all kinds, particu-larly software-intensive systems. Incorporatinga variety of formal methods, social models,and modern requirements writing techniquesuseful to practicing engineers, the text is suit-able for professional software engineers, sys-tems engineers, and senior undergraduate andgraduate students in these fields.”

—Book News Inc., 2009

With an intentional focus on software-intensivesystems, Requirements Engineering forSoftware and Systems provides a probing andcomprehensive review of the state of technolo-gy and developments in intelligent systems, soft computing techniques, and their diverseapplications in manufacturing.

To illustrate key ideas associated with require-ments engineering, the text presents three real-world example systems: an airline baggagehandling system, a point-of-sale system for onelocation of a large pet store chain, and a systemfor a smart home in which one or more PCs control various aspects of the home’s functions.The selected systems encompass a wide range ofapplications—from embedded to organic, forboth industrial and consumer uses.


New!

Applied SoftwareProduct-LineEngineeringEdited by

Kyo C. KangPOSTECH, Pohang, South Korea

Vijayan SugumaranOakland University, Rochester, Michigan, USA

Sooyong ParkSogang University, Seoul, South Korea

Detailing the various aspects of SPLE implemen-tation in different domains, Applied SoftwareProduct Line Engineering documents bestpractices with regard to system development.Expert contributors focus on core asset develop-ment, product development, and management,addressing the process, technical, and organiza-tional issues needed to meet the growingdemand for information. They detail the adop-tion and diffusion of SPLE as a primary softwaredevelopment paradigm and also address techni-cal and managerial issues in software productline engineering.

Providing an authoritative perspective of recentresearch and practice in SLPE, the text:• Presents in-depth discussions and many

industry case studies • Covers applications in various domains,

including automotive, business processmanagement, and defense

• Tracks the organizational, process, andtechnical aspects of software product lineswithin an organization

• Provides the expertise of a distinguishedpanel of global contributors

Increasing global competition coupled with thecurrent economic conditions puts the pressureon software engineers and software processimprovement professionals to find ways to meetthe needs of expanding markets with greaterefficiency. This book provides the insight to har-ness the power of SPLE to increase productivity,reduce time to market, and handle growingdiversity.

Catalog no. AU6841, January 2010, 561 pp.ISBN: 978-1-4200-6841-2, $89.95 / £57.99




Third Edition of a Bestseller!

Software TestingA Craftsman’sApproach, Third EditionPaul C. JorgensenGrand Valley State University,Allendale, Michigan, USA

Extending the combination of theory and practicality of the first two editions to includeagile programming development, the third edition of this widely adopted text discusses theserious effect this emerging area is having onsoftware testing. This edition begins by provid-ing the mathematical background in discretemathematics and linear graph theory used insubsequent sections.

Next, it describes specification-based (functional) and code-based (structural) testdevelopment techniques, while extending thistheoretical approach to less understood levels of integration and system testing. The authorfurther develops this discussion to includeobject-oriented software. A new section relatesall of the previously discussed concepts to theagile software development movement andhighlights issues such as how agile and XP devel-opment environments are radically changingthe role of software testers by making testingintegral at every phase of the developmentprocess. • Includes downloadable programs that

demonstrate white-box, black-box, andother fundamental testing types

• Introduces model-based development andprovides an explanation of how to conducttesting within model-based developmentenvironments

• Presents an entirely new section on methods for testing software in an agileprogramming environment

• Explores test-driven development, reexamines all-pairs testing, and explainsthe four contexts of software testing


The BusinessValue of ITManaging Risks,OptimizingPerformance, andMeasuring ResultsMichael D. S. Harris,David Herron, and Stasia IwanickiThe David Consulting Group,Paoli, Pennsylvania, USA

“An excellent reference for the CIO and for theline manager seeking to engage the businesswith the transparency into the investment and cost equation they demand to justify thecost of IT.”—Mike Antico, CTO, Wolters Kluwer, New York, USA

The Business Value of IT: Managing Risks,Optimizing Performance, and MeasuringResults examines how to measure IT perform-ance, how to put a dollar value on IT, and howto justify value of an IT program. It places sharptechnical focus on the techniques, methods, andprocesses used to identify and to assess risks.

Leading consultants Michael D. Harris, David Herron, and Stasia Iwanicki share theirreal-world experiences in the field. They discussIT from the perspective of its contribution tobusiness, the necessity of governance, theimportance of measuring performance, and thechanges that must be made in order to measureIT effectively. The book also:• Examines the important measure of

delivering value to business users• Demonstrates how to govern IT and how

IT governance delivers real value• Shows how to change IT to improve

performance • Focuses on techniques, methods, and

processes for effectively identifying, assessing, and minimizing risks




Our up-to-date, officially sanctionedstudy guides and resources put you atthe top of your field. The breadth and

depth of experience of theauthors gives insight intothe key issues in certificationand accreditation, including

roles and responsibili-ties, the InformationSecurity life cycle, andpitfalls to avoid.







Pre

so

rted

Sta

nd

ard

US

Po

sta

ge

PA

IDP

erm

it 3

82

So

uth

Ho

llan

d I

L

6000

Bro

ken

Soun

d Pa

rkw

ay, N

W, S

uite

300

Boca

Rat

on, F

L 33

487,

USA

Pag

e 1

9

Fo

r a c

om

ple

te li

st o

f IT

Reso

urc

es

ple

ase

vis

it w

ww

.crc

pre

ss.c

om

Pag

e 1

1P

ag

e 4

Use this Promo Code

when ordering to

SAVE 15%!




Documents

IT Innovation