ABSTRACT

Security practitioners must be able to build a cost-effective security program while at the same time meeting the requirements of government regulations. This book lays out these regulations in simple terms and explains how to use the control frameworks to build an effective information security program and governance structure. It discusses how organizations can best ensure that information is protected and examines all positions from the board of directors to the end user, delineating the role each plays in protecting the security of the organization.

chapter 1|10 pages

Getting Information Security Right: Top to Bottom

chapter 2|26 pages

Developing Information Security Strategy


chapter 3|39 pages

Defining the Security Management Organization


chapter 4|41 pages

Interacting with the C-Suite


chapter 5|19 pages

Managing Risk to an Acceptable Level


chapter 6|24 pages

Creating Effective Information Security Policies


chapter 7|22 pages

Security Compliance Using Control Frameworks


chapter 8|27 pages

Managerial Controls: Practical Security Considerations

chapter 9|26 pages

Technical Controls: Practical Security Considerations

chapter 10|38 pages

Operational Controls: Practical Security Considerations

chapter 11|28 pages

The Auditors Have Arrived, Now What?


chapter 12|31 pages

Effective Security Communications


chapter 13|15 pages

The Law and Information Security


chapter 14|15 pages

Learning from Information Security Incidents
