Atjaunināt sīkdatņu piekrišanu

E-grāmata: FISMA Principles and Best Practices: Beyond Compliance

3.00/5 (7 ratings by Goodreads)
(Chief Information Security Officer, Nuclear Regulatory Commission, USA)
  • Formāts: 345 pages
  • Izdošanas datums: 19-Apr-2016
  • Izdevniecība: Auerbach
  • Valoda: eng
  • ISBN-13: 9781420078305
Citas grāmatas par šo tēmu:
  • Formāts - PDF+DRM
  • Cena: 75,13 €*
  • * ši ir gala cena, t.i., netiek piemērotas nekādas papildus atlaides
  • Ielikt grozā
  • Pievienot vēlmju sarakstam
  • Šī e-grāmata paredzēta tikai personīgai lietošanai. E-grāmatas nav iespējams atgriezt un nauda par iegādātajām e-grāmatām netiek atmaksāta.
FISMA Principles and Best Practices: Beyond CompliancePalielināt
  • Formāts: 345 pages
  • Izdošanas datums: 19-Apr-2016
  • Izdevniecība: Auerbach
  • Valoda: eng
  • ISBN-13: 9781420078305
Citas grāmatas par šo tēmu:

DRM restrictions

  • Kopēšana (kopēt/ievietot):

    nav atļauts

  • Drukāšana:

    nav atļauts

  • Lietošana:

    Digitālo tiesību pārvaldība (Digital Rights Management (DRM))
    Izdevējs ir piegādājis šo grāmatu šifrētā veidā, kas nozīmē, ka jums ir jāinstalē bezmaksas programmatūra, lai to atbloķētu un lasītu. Lai lasītu šo e-grāmatu, jums ir jāizveido Adobe ID. Vairāk informācijas šeit. E-grāmatu var lasīt un lejupielādēt līdz 6 ierīcēm (vienam lietotājam ar vienu un to pašu Adobe ID).

    Nepieciešamā programmatūra
    Lai lasītu šo e-grāmatu mobilajā ierīcē (tālrunī vai planšetdatorā), jums būs jāinstalē šī bezmaksas lietotne: PocketBook Reader (iOS / Android)

    Lai lejupielādētu un lasītu šo e-grāmatu datorā vai Mac datorā, jums ir nepieciešamid Adobe Digital Editions (šī ir bezmaksas lietotne, kas īpaši izstrādāta e-grāmatām. Tā nav tas pats, kas Adobe Reader, kas, iespējams, jau ir jūsu datorā.)

    Jūs nevarat lasīt šo e-grāmatu, izmantojot Amazon Kindle.

While many agencies struggle to comply with Federal Information Security Management Act (FISMA) regulations, those that have embraced its requirements have found that their comprehensive and flexible nature provides a sound security risk management framework for the implementation of essential system security controls. Detailing a proven approach for establishing and implementing a comprehensive information security program, FISMA Principles and Best Practices: Beyond Compliance integrates compliance review, technical monitoring, and remediation efforts to explain how to achieve and maintain compliance with FISMA requirements.





Based on the authors experience developing, implementing, and maintaining enterprise FISMA-based information technology security programs at three major federal agencies, including the U.S. Department of Housing and Urban Development, the book gives you workable solutions for establishing and operating an effective security compliance program. It delineates the processes, practices, and principles involved in managing the complexities of FISMA compliance. Describing how FISMA can be used to form the basis for an enterprise security risk management program, the book:



















Provides a comprehensive analysis of FISMA requirements





Highlights the primary considerations for establishing an effective security compliance program





Illustrates successful implementation of FISMA requirements with numerous case studies











Clarifying exactly what it takes to gain and maintain FISMA compliance, Pat Howard, CISO of the Nuclear Regulatory Commission, provides detailed guidelines so you can design and staff a compliance capability, build organizational relationships, gain management support, and integrate compliance into the system development life cycle. While there is no such thing as absolute protection, this up-to-date resource reflects th
Preface vii
Acknowledgments ix
PART I Introduction
Chapter 1 Analysis of the Federal Information Security Management Act (FISMA)
7(22)
Chapter 2 Principles of FISMA Reporting
29(22)
PART II Managing FISMA Compliance
Chapter 3 Management Support
51(14)
Chapter 4 The Information Security Organization
65(20)
Chapter 5 Staffing Considerations
85(16)
Chapter 6 Program Planning
101(14)
Chapter 7 Developing Policy and Guidance
115(16)
Chapter 8 Training and Awareness
131(20)
Chapter 9 Audit Liaison
151(16)
Chapter 10 Monitoring Mechanisms
167(16)
Chapter 11 Life-Cycle Issues
183(10)
Chapter 12 Outreach
193(26)
PART III Summary
Appendix A The FISMA Legislation
219(26)
Appendix B OMB FISMA Reporting Guidelines
245(38)
Appendix C OMB FISMA FY10 Reporting Questionnaires
283(30)
Appendix D Consensus Audit Guidelines
313(12)
Appendix E Bibliography
325(2)
Index 327
Patrick D. Howard has over 38 years of experience in the security industry, and has worked in the computer security field for the past 23 years. Mr. Howard has served as the Chief Information Security Officer at the Nuclear Regulatory Commission since March 17, 2008, and is responsible for managing NRCs enterprise-wide information security program. Prior to joining NRC, Mr. Howard was employed at the Department of Housing and Urban Development for 3 years, where he served as HUDs Chief Information Security Officer and managed the Departments enterprise-wide information technology security program.





Mr. Howard led HUD to a first ever "A+" score on Congress 2006 FISMA Report Card and was recognized as a 2007 Fed 100 winner for his accomplishments in government information technology. Prior to joining HUD, Mr. Howard was employed by the Titan Corporation supporting the Department of Transportation where he served as the Departments Certification and Accreditation Program Manager. Mr. Howard is co-author of the Total CISSP Exam Prep Book, and author of Building and Implementing a Security Certification and Accreditation Program.





Mr. Howard received a bachelors degree in History from the University of Oklahoma and an master's degree in International Relations from Boston University. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM). He is a member of the American Council for Technology/Industry Advisory Council (ACT/IAC) InfoSec and Privacy Shared Interest Group Government Advisory Panel and the International Information Systems Security Certification Consortiums Government Advisory Board and the Executive Writers Bureau, which he chairs. Mr. Howard is also an adjunct professor of Information Assurance at Walsh College, Troy, Michigan.
Biežāk uzdotie jautājumi par e-grāmatām Biežāk uzdotie jautājumi par e-grāmatām
Permanent link: https://www.kriso.lv/db/97814200783052e.html
Keywords: