The Resource Fundamentals of information risk management auditing : an introduction for managers and auditors, Christopher Wright

Fundamentals of information risk management auditing : an introduction for managers and auditors, Christopher Wright

Label
Fundamentals of information risk management auditing : an introduction for managers and auditors
Title
Fundamentals of information risk management auditing
Title remainder
an introduction for managers and auditors
Statement of responsibility
Christopher Wright
Creator
Contributor
Author
Provider
Subject
Language
eng
Summary
Providing insight into information risk management auditing for those considering a career in information risk management, and an introduction for non-specialists, such as those managing technical specialists, this book discusses the risks and controls that you may encounter when performing an audit of information risk, together with suggested mitigation approaches based on those risks and controls. --
Member of
Assigning source
Edited summary from book
Cataloging source
UMI
http://library.link/vocab/creatorName
Wright, Christopher
Illustrations
illustrations
Index
no index present
LC call number
HD61
Literary form
non fiction
Nature of contents
  • dictionaries
  • bibliography
http://library.link/vocab/relatedWorkOrContributorName
JSTOR
Series statement
Fundamentals
Series volume
v.6
http://library.link/vocab/subjectName
  • Risk management
  • Risk management
  • COMPUTERS / General
Label
Fundamentals of information risk management auditing : an introduction for managers and auditors, Christopher Wright
Instantiates
Publication
Bibliography note
Includes bibliographical references
Carrier category
online resource
Carrier category code
  • cr
Carrier MARC source
rdacarrier
Content category
text
Content type code
  • txt
Content type MARC source
rdacontent
Contents
  • Cover; Title; Copyright; Contents; Part I: What is risk and why is it important?; Chapter 1: Risks and controls; Overview; What is risk?; Management of risk; Risk identification and awareness; Documenting risks; Assessing and monitoring risk; Categorisation; Likelihood; Impact; Risk heat maps; Controlling risk; Summary; Chapter 2: Enterprise risk management (ERM) frameworks; Overview; What is enterprise risk management?; Strategic enterprise wide management process; Identify potential risks; Significant impact; Manage them within the entity's risk appetite; Common ERM frameworks; COSO
  • The five componentsISO31000; Sarbanes-Oxley; Summary; Chapter 3: Risk management assurance and audit; Overview; Three lines of defence; First line of defence -- Business unit staff and management; Second line of defence -- Governance, risk and compliance; Third line of defence -- Independent assurance from audit and the Board; Segregation of duties between each line; Internal vs external audit; Other forms of IT assurance; Case study; Summary; Chapter 4: Information Risks and Frameworks; Overview; What is information risk?; COBIT 5; ISO frameworks; CRAMM; Summary and key take-aways
  • Part II: Introduction to General IT and Management RisksChapter 5: Overview of General IT and Management Risks; Overview; Reviewing entity level controls in an IT context; What are general IT controls?; Case studies and examples of general IT controls; Outsourced arrangements; End user computing; Bring your own devices (BYOD); Case studies and examples of outsourcing; Reviewing general IT controls; Summary; Chapter 6: Security and Data Privacy; Overview; Risks; Controls; Examples of IT security controls; ISO27001; Case study examples
  • Documenting, assessing and testing security and confidentiality controlsSummary; Chapter 7: System Development and Change Control; Introduction; Project lifecycle overview; Project lifecycle risks; Project lifecycle controls; Project lifecycle case study examples; Project lifecycle documenting, assessing and testing controls; Change management overview and risks; Change management controls; Change management case study examples; Documenting, assessing and testing controls; Summary; Chapter 8: Service Management and Disaster Planning; Introduction; Service management overview
  • Disaster planningCase study examples; Summary; Part III: Introduction to Application Controls; Chapter 9: Overview of Application Controls (Integrity); Introduction; Risks; Controls; Case study examples; Documenting, assessing and testing application controls; Summary; Further reading; Part IV: Life as an Information Risk Management Specialist; Chapter 10: Planning, Running and Reviewing Information Risk Management Assignments; Overview; Stages of a review; IRM assignment planning; Conducting an IRM review; Reviewing the audit review; Ensuring action after the review; Summary
Dimensions
unknown
Extent
1 online resource (1 volume)
Form of item
online
Isbn
9781849288163
Media category
computer
Media MARC source
rdamedia
Media type code
  • c
Other physical details
illustrations
Sound
unknown sound
Specific material designation
remote
Stock number
  • CL0500000742
  • 5F2B51CF-2FA5-41ED-B07B-30EE9FFE56BB
System control number
  • (OCoLC)949908718
  • (OCoLC)ocn949908718
Label
Fundamentals of information risk management auditing : an introduction for managers and auditors, Christopher Wright
Publication
Bibliography note
Includes bibliographical references
Carrier category
online resource
Carrier category code
  • cr
Carrier MARC source
rdacarrier
Content category
text
Content type code
  • txt
Content type MARC source
rdacontent
Contents
  • Cover; Title; Copyright; Contents; Part I: What is risk and why is it important?; Chapter 1: Risks and controls; Overview; What is risk?; Management of risk; Risk identification and awareness; Documenting risks; Assessing and monitoring risk; Categorisation; Likelihood; Impact; Risk heat maps; Controlling risk; Summary; Chapter 2: Enterprise risk management (ERM) frameworks; Overview; What is enterprise risk management?; Strategic enterprise wide management process; Identify potential risks; Significant impact; Manage them within the entity's risk appetite; Common ERM frameworks; COSO
  • The five componentsISO31000; Sarbanes-Oxley; Summary; Chapter 3: Risk management assurance and audit; Overview; Three lines of defence; First line of defence -- Business unit staff and management; Second line of defence -- Governance, risk and compliance; Third line of defence -- Independent assurance from audit and the Board; Segregation of duties between each line; Internal vs external audit; Other forms of IT assurance; Case study; Summary; Chapter 4: Information Risks and Frameworks; Overview; What is information risk?; COBIT 5; ISO frameworks; CRAMM; Summary and key take-aways
  • Part II: Introduction to General IT and Management RisksChapter 5: Overview of General IT and Management Risks; Overview; Reviewing entity level controls in an IT context; What are general IT controls?; Case studies and examples of general IT controls; Outsourced arrangements; End user computing; Bring your own devices (BYOD); Case studies and examples of outsourcing; Reviewing general IT controls; Summary; Chapter 6: Security and Data Privacy; Overview; Risks; Controls; Examples of IT security controls; ISO27001; Case study examples
  • Documenting, assessing and testing security and confidentiality controlsSummary; Chapter 7: System Development and Change Control; Introduction; Project lifecycle overview; Project lifecycle risks; Project lifecycle controls; Project lifecycle case study examples; Project lifecycle documenting, assessing and testing controls; Change management overview and risks; Change management controls; Change management case study examples; Documenting, assessing and testing controls; Summary; Chapter 8: Service Management and Disaster Planning; Introduction; Service management overview
  • Disaster planningCase study examples; Summary; Part III: Introduction to Application Controls; Chapter 9: Overview of Application Controls (Integrity); Introduction; Risks; Controls; Case study examples; Documenting, assessing and testing application controls; Summary; Further reading; Part IV: Life as an Information Risk Management Specialist; Chapter 10: Planning, Running and Reviewing Information Risk Management Assignments; Overview; Stages of a review; IRM assignment planning; Conducting an IRM review; Reviewing the audit review; Ensuring action after the review; Summary
Dimensions
unknown
Extent
1 online resource (1 volume)
Form of item
online
Isbn
9781849288163
Media category
computer
Media MARC source
rdamedia
Media type code
  • c
Other physical details
illustrations
Sound
unknown sound
Specific material designation
remote
Stock number
  • CL0500000742
  • 5F2B51CF-2FA5-41ED-B07B-30EE9FFE56BB
System control number
  • (OCoLC)949908718
  • (OCoLC)ocn949908718

Library Locations

  • African Studies LibraryBorrow it
    771 Commonwealth Avenue, 6th Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Alumni Medical LibraryBorrow it
    72 East Concord Street, Boston, MA, 02118, US
    42.336388 -71.072393
  • Astronomy LibraryBorrow it
    725 Commonwealth Avenue, 6th Floor, Boston, MA, 02445, US
    42.350259 -71.105717
  • Fineman and Pappas Law LibrariesBorrow it
    765 Commonwealth Avenue, Boston, MA, 02215, US
    42.350979 -71.107023
  • Frederick S. Pardee Management LibraryBorrow it
    595 Commonwealth Avenue, Boston, MA, 02215, US
    42.349626 -71.099547
  • Howard Gotlieb Archival Research CenterBorrow it
    771 Commonwealth Avenue, 5th Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Mugar Memorial LibraryBorrow it
    771 Commonwealth Avenue, Boston, MA, 02215, US
    42.350723 -71.108227
  • Music LibraryBorrow it
    771 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Pikering Educational Resources LibraryBorrow it
    2 Silber Way, Boston, MA, 02215, US
    42.349804 -71.101425
  • School of Theology LibraryBorrow it
    745 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US
    42.350494 -71.107235
  • Science & Engineering LibraryBorrow it
    38 Cummington Mall, Boston, MA, 02215, US
    42.348472 -71.102257
  • Stone Science LibraryBorrow it
    675 Commonwealth Avenue, Boston, MA, 02445, US
    42.350103 -71.103784
Processing Feedback ...