TY - BOOK AU - Brotby,W.Krag TI - Information security governance: a practical development and implementation approach T2 - Wiley series in systems engineering and management SN - 9780470476000 AV - HF5548.37 .B76 2009eb U1 - 658.4/78 22 PY - 2009/// CY - Hoboken, N.J. PB - John Wiley & Sons KW - Data protection KW - Computer security KW - Management KW - Information technology KW - Security measures KW - Protection de l'information (Informatique) KW - S�ecurit�e informatique KW - Gestion KW - Technologie de l'information KW - S�ecurit�e KW - Mesures KW - BUSINESS & ECONOMICS KW - Workplace Culture KW - bisacsh KW - Corporate Governance KW - Leadership KW - Organizational Development KW - fast N1 - Includes bibliographical references and index; INFORMATION SECURITY GOVERNANCE; Contents; Acknowledgments; Introduction; 1. Governance Overview -- How Do We Do It? What Do We Get Out of It?; 2. Why Governance?; 3. Legal and Regulatory Requirements; 4. Roles and Responsibilities; 5. Strategic Metrics; 6. Information Security Outcomes; 7. Security Governance Objectives; 8. Risk Management Objectives; 9. Current State; 10. Developing a Security Strategy; 11. Sample Strategy Development; 12. Implementing Strategy; 13. Security Program Development Metrics; 14. Information Security Management Metrics; 15. Incident Management and Response Metrics N2 - This book provides an understanding of governance and its relevance to information security. It gives readers a clear, step-by-step approach to developing a sound security strategy aligned with their business objectives in order to ensure a predictable level of functionality and assurance. Next, it explores various approaches to implementing the strategy, guiding the reader toward practical, workable solutions. A broad range of business managers, IT security managers, and information security managers will value the guidance, action plans, and sample policies provided in this comprehensive boo UR - https://onlinelibrary.wiley.com/doi/book/10.1002/9780470476017 ER -