Information Systems Security: Security Management, Metrics, Frameworks and Best Practices

  • Published on

  • View

  • Download

Embed Size (px)


Information and communication systems can be exposed to intrusion and risks, within the overall architecture and design of these systems. These areas of risks can span the entire gamut of information systems including databases, networks, applications, internet-based communication, web services, mobile technologies and people issues associated with all of them. It is vital for businesses to be fully aware of security risks associated with their systems as well as the regulatory body pressures; and develop and implement an effective strategy to handle those risks. This book covers all of the aforementioned issues in depth. It covers all significant aspects of security, as it deals with ICT, and provides practicing ICT security professionals explanations to various aspects of information systems, their corresponding security risks and how to embark on strategic approaches to reduce and, preferably, eliminate those risks. Written by an experienced industry professional working in the domain, with extensive experience in teaching at various levels as well as research, this book is truly a treatise on the subject of Information Security.


  • 1. A new release from Wiley India Visit:
  • 2. Visit: Written by an experienced industry professional working in the domain, a professional with extensive experience in teaching at various levels (student seminars, industry workshops) as well as research. Covers SOX and SAS 70 aspects for Asset Management in the context of Information Systems Security. A comprehensive treatment and truly a treatise on the subject of Information Security
  • 3. Visit: Useful text for CSQA, CISA and CISM aspirants. Detailed explanation of topics " Privacy" and "Biometric Controls". Review questions and reference material pointers after each chapter. Ample figures to illustrate key points over 250 figures!
      • IT Risk Analysis covered
  • 4. Visit:
  • 5.
    • Nina Godbole has vast experience in the IT industry System
    • Analysis & Design and Development, as well as Application
    • Support Services, MIS, IT Perspective Planning Training, Security
    • Audits, Quality Management, Operations Management. Nina has
    • also led BPR initiatives and has played an instrumental role in
    • successfully driven organizational initiatives - the ISO 9001, P
    • CMM and CMM-I. She is an active member of many professional
    • bodies and academic research groups.
    • Nina holds a Masters Degree from IIT and MS Engineering (Computer
    • Science) degree from Newport University, USA. She is a CQA, CSTE,
    • CISA, PMP and ITIL Foundation Certified professional.
  • 6.
    • Chapter 1: Information Systems in Global Context
    • Chapter 2: Threats to Information Systems
    • Chapter 3: Security Considerations in Mobile and Wireless
    • Computing
    • Chapter 4: Information Security Management in Organizations
    • Chapter 5: Building Blocks of Information Security
    • Chapter 6: Information Security Risk Analysis
    • Chapter 7: Overview of Physical Security for Information Systems
    • Chapter 8: Perimeter Security for Physical Protection
    • Chapter 9: Biometrics Controls for Security
    • Chapter 10: Biometrics-based Security: Issues and Challenges
    • Chapter 11: Network Security in Perspective
    • Chapter 12: Networking and Digital Communication Fundamentals
    • Chapter 13: Cryptography and Encryption
    • Chapter 14: Intrusion Detection for Securing the Networks
  • 7.
    • Chapter 15: Firewalls for Network Protection
    • Chapter 16: Virtual Private Networks for Security
    • Chapter 17: Security of Wireless Networks
    • Chapter 18: Business Applications Security: An EAI Perspective
    • Chapter 19: Security of Electronic Mail Systems
    • Chapter 20: Security of Databases
    • Chapter 21: Security of Operating Systems
    • Chapter 22: Security Models, Frameworks, Standards and
    • Methodologies
    • Chapter 23: ISO 17799/ISO 27001
    • Chapter 24: Systems Security Engineering Capability Maturity Model
    • The SSE-CMM
    • Chapter 25: COBIT, COSO-ERM and SAS 70
    • Chapter 26: Information Security: Other Models and Methodologies
    • Chapter 27: Laws and Legal Framework for Information Security
    • Chapter 28: Security Metrics
  • 8.
    • Chapter 29: Privacy - Fundamental Concepts and Principles
    • Chapter 30: Privacy - Business Challenges
    • Chapter 31: Privacy - Technological Impacts
    • Chapter 32: Web Services and Privacy
    • Chapter 33: Staffing the Security Function
    • Chapter 34: Business Continuity and Disaster Recovery Planning
    • Chapter 35: Auditing for Security
    • Chapter 36: Privacy Best Practices in Organizations
    • Chapter 37: Asset Management
    • Chapter 38: Ethical Issues and Intellectual Property Concerns for
    • InfoSec Professionals
  • 9. Visit: 37 appendices with checklists, guidelines and more, on the topics covered. 17 case illustrations to help readers appreciate/reinforce the understanding of the concepts. Workshop Mapping document with ideas for mapping contents of chapters to workshops/seminars on security and privacy.
  • 10.
    • ISBN: 978-81-265-1692-6
    • Information Systems Security: Security Management, Metrics, Frameworks and Best Practices
    • Price: Rs 549/-
    • Pages: 1020