Information Security Risk Analysis Third Edition

DETAIL

• Author: THOMAS R. PELTIER
• Language: English
• Published: 2010
  
• Page: 458
• Size: 8 MB
  
• Format: pdf

CONTENTS

Acknowledgments
About the Author 
Introduction

1 The Facilitated Risk Analysis and Assessment Process (FRAAP)
1.1 Introduction
1.2 FR AAP Overview
1.3 FR AAP History
1.4 Introducing the FR AAP
1.5 The Pre-FR AAP Meeting
1.6 The FR AAP Session
1.7 Using a Threats Identification Checklist
1.8 Post-FR AAP Process
1.9 Conclusion

2 Risk Analysis (Project Impact Analysis)
2.1 Overview
2.2 The Difference between Risk Analysis and Risk Assessment
2.3 Risk Analysis and Due Diligence
2.4 Risk Assessment and Fiduciary Duty
2.5 Performing a Risk Analysis
2.6 Risk Analysis Elements
2.7 Other Considerations
2.8 When to Conduct a Risk Analysis
2.9 Final Words .
10 Sample Risk Analysis Questionnaire
2.11 Sample Risk Analysis Report Outline

3 Pre-Screening
3.1 Introduction
3.2 Background
3.3 Summary

4 Business Impact Analysis
4.1 Overview
4.2 BI A versus Risk Assessment
4.3 Creating a BI A Process
4.4 Creating the Financial Impact Table
4.5 Working the BI A Process
4.6 Additional Examples
4.7 Objectives of the BI A
4.8 Using Questionnaires for a BI A
4.9 Data Collection and Analysis
4.10 Prepare Management Presentation
4.11 Final Thoughts
 
5 Gap Analysis
5.1 Introduction
5.2 Background
5.3 GAP Analysis Process
5.4 Summary

Appendix A Facilitator Skills
Appendix B FRAAP Team Members
Appendix C Project Scope Statement
Appendix D Laws, Standards, and Regulations
Appendix E Frequently Asked Questions about Risk Management
Appendix F Risk Analysis versus Risk Assessment
Appendix G Sample Threat Checklist
Appendix H Sample BIA Questionnaire
Appendix I Sample Risk Assessment Management Summary Report
Appendix J Project Scope Statement
Appendix K Why Risk Assessments Fail
Appendix L Gap Analysis Examples
Appendix M Control Lists
Appendix N Heat Charts
Index

DOWNLOAD HERE