|
Bartlett Learning. p. 550.
ISBN 9781284151046.
42. ISACA (2006). CISA Review Manual
2006. Information Systems Audit and
Control Association. p. 85. ISBN 978-
1-933284-15-6.
43. Spagnoletti, Paolo; Resca A. (2008).
"The duality of Information Security
Management: fighting against
predictable and unpredictable
threats" . Journal of Information
System Security. 4 (3): 46–62.
44. Kiountouzis, E.A.; Kokolakis, S.A.
(1996-05-31). Information systems
security: facing the information
society of the 21st century. London:
Chapman & Hall, Ltd. ISBN 978-0-
412-78120-9.
45. Newsome, B. (2013). A Practical
Introduction to Security and Risk
Management. SAGE Publications.
p. 208. ISBN 9781483324852.
4 . Whitman, M.E.; Mattord, H.J. (2016).
Management of Information Security
(5th ed.). Cengage Learning. p. 592.
ISBN 9781305501256.
47. "NIST SP 800-30 Risk Management
Guide for Information Technology
Systems"
(PDF)
. Retrieved
2014-01-17.
4 . Johnson, L. (2015). Security Controls
Evaluation, Testing, and Assessment
Handbook . Syngress. p. 678.
ISBN 9780128025642.
49. 44 U.S.C. § 3542 (b)(1)
50. Ransome, J.; Misra, A. (2013). Core
Software Security: Security at the
Source . CRC Press. pp. 40–41.
ISBN 9781466560956.
51. "Segregation of Duties Control
matrix" . ISACA. 2008. Archived from
the original on 3 July 2011.
Retrieved 2008-09-30.
52. Kakareka, A. (2013). "Chapter 31:
What is Vulnerability Assessment?" .
In Vacca, J.R. (ed.). Computer and
Information Security Handbook
(2nd ed.). Elsevier. pp. 541–552.
ISBN 9780123946126.
53. Bayuk, J. (2009). "Chapter 4:
Information Classification" . In
Axelrod, C.W.; Bayuk, J.L.; Schutzer,
D. (eds.). Enterprise Information
Security and Privacy. Artech House.
pp. 59–70. ISBN 9781596931916.
54. "Business Model for Information
Security (BMIS)" . ISACA. Retrieved
25 January 2018.
55. Akpeninor, James Ohwofasa (2013).
Modern Concepts of Security .
Bloomington, IN: AuthorHouse.
p. 135. ISBN 978-1-4817-8232-6.
Retrieved 18 January 2018.
5 . "The Use of Audit Trails to Monitor
Key Networks and Systems Should
Remain Part of the Computer
Security Material Weakness" .
www.treasury.gov. Retrieved
2017-10-06.
57. Vallabhaneni, S.R. (2008). Corporate
Management, Governance, and
Ethics Best Practices . John Wiley &
Sons. p. 288. ISBN 9780470255803.
5 . Shon Harris (2003). All-in-one CISSP
Certification Exam Guide (2nd ed.).
Emeryville, California: McGraw-
Hill/Osborne. ISBN 978-0-07-222966-
0.
59. "The Duty of Care Risk Analysis
Standard" . DoCRA. Archived from
the original on 2018-08-14.
Retrieved 2018-08-15.
0. Westby, J.R.; Allen, J.H. (August
2007). "Governing for Enterprise
Security (GES) Implementation
Guide"
(PDF)
. Software Engineering
Institute. Retrieved 25 January 2018.
1. "Iltanget.org" . iltanet.org. 2015.
2. Leonard, Wills (2019). A Brief Guide
to Handling a Cyber Incident.
dm.oclc.org/login.aspx?
direct=true&db=aph&AN=136883429
&site=ehost-live >. pp. 17–18.
3. Erlanger, Leon (2002). Defensive
Strategies. PC Magazine. p. 70.
4. "Computer Security Incident Handling
Guide"
(PDF)
. Nist.gov. 2012.
5. He, Ying (December 1, 2017).
"Challenges of Information Security
Incident Learning: An Industrial Case
Study in a Chinese Healthcare
Organization"
(PDF)
. Informatics for
Health and Social Care. 42 (4): 394–
395.
doi:10.1080/17538157.2016.12556
29 . PMID 28068150 .
S2CID 20139345 .
. Campbell, T. (2016). "Chapter 14:
Secure Systems Development" .
Practical Information Security
Management: A Complete Guide to
Planning and Implementation.
Apress. p. 218.
ISBN 9781484216859.
7. Taylor, J. (2008). "Chapter 10:
Understanding the Project Change
Process". Project Scheduling and
Cost Control: Planning, Monitoring
and Controlling the Baseline. J. Ross
Publishing. pp. 187–214.
ISBN 9781932159110.
. itpi.org Archived December 10,
2013, at the Wayback Machine
9. "book summary of The Visible Ops
Handbook: Implementing ITIL in 4
Practical and Auditable Steps" .
wikisummaries.org. Retrieved
2016-06-22.
70. Hotchkiss, Stuart. Business
Continuity Management : In Practice,
British Informatics Society Limited,
2010. ProQuest Ebook Central,
https://ebookcentral.proquest.com/li
b/pensu/detail.action?
docID=634527 .
71. "The Disaster Recovery Plan" . Sans
Institute. Retrieved 7 February 2012.
72. "Data Protection Act 1998" .
legislation.gov.uk. The National
Archives. Retrieved 25 January 2018.
73. "Computer Misuse Act 1990" .
legislation.gov.uk. The National
Archives. Retrieved 25 January 2018.
74. "Directive 2006/24/EC of the
European Parliament and of the
Council of 15 March 2006" . EUR-Lex.
European Union. Retrieved
25 January 2018.
75. Codified at 20 U.S.C. § 1232g , with
implementing regulations in title 34,
Do'stlaringiz bilan baham: |
