Book details
  • Genre: BUSINESS & ECONOMICS
  • SubGenre: Corporate Governance
  • Language: English
  • Pages: 179
  • eBook ISBN: 9781618428226

Information and IT Risk Management in a Nutshell

A Pragmatic Approach to Information Security

by Andreas von Grebmer

Overview
“Information and IT Risk Management in a Nutshell”. The outstanding value of this book is the smart combination of methods and practical guidelines into one handy book. This reference manual is based on the substantial applied experience of the author. Like Andreas’ earlier publications, “The project is dead… long live the project! (2004)” and “Der Software-Testprozess für IT-Manager (2002)”, this one is also a pragmatic guide. Many books have been written about Information Security. Most of them are thick and scientific. Here comes the down-to-earth answer for implementers. For those dealing with risks in Information or IT Management this guide is useful in multiple ways: The reader gets a deep insight into applied Information and IT risk management and it helps to build and maintain a well functioning Information and IT risk management system.
Description
The guide consists of four main sections. In the first section “RISK MANAGEMENT ESSENTIALS” the foundation of risk management is explained. In the next section “THE SIMPLIFIED APPROACH” an easy implementation process for Information and IT risk management is described and illustrated. In the following section “TEMPLATES” various examples and templates are provided and ready to use for the implementation. The last section “INFORMATION AND IT RISK MANAGEMENT LEXICON” explains the terms used in Information and IT risk management. In addition there are arguments to bring forward to gain management support and for practicing continuous Information and IT risk management. There is a pragmatic framework available including possible pitfalls when implementing Information and IT risk management. Finally, the famous “Golden Rules” describe best practices methods.
“Drawing from his experience, Andreas von Grebmer has written a book which allows the practitioner to engage in Risk Management and to develop an approach to treating Risk Management […] making it universally applicable in the increasingly complex jungle of rules, regulations and standards”, Reto Zbinden, Fürsprecher, CEO www.infosec.ch. “... few valuable collections of information on IT risk management exist, that strike the right balance between the theoretical and methodological foundations. That [book] is to say the practitioner’s view of setting up and using appropriate and sufficiently efficient and effective IT risk management elements …”, Dr. Hannes P. Lubich, Senior Consultant, BT Global Services. On 179 pages well prepared with a lot of colored graphs the reader is introduced to a ready to use risk management approach.
About the author
Andreas von Grebmer. Born 1965 in Kiel Germany. Dedicated Quality and Project Manager from and by heart. Since 1997 specialist in software testing. Worked as deputy team leader of software testing group in the test center for the global IT end user platform of a Swiss bank. Built and speeded up processes. Responsible for process streamlining and designing after a huge merger. 2001 passed special Swiss education for IT project manager. Contributed to several projects especially e-business in global banks and insurance groups. Published a German guidebook about practical testing with a quality lexicon (currently being translated into English). 2002 switched to a leading global pharmaceutical company. Acting as project quality manager observing and implementing of company wide project standards and methodology. Set up roll-out processes for corporate end user platform. June 2003 until April 2007 Group Information Security Officer (CISSP in 2005) responsible for maintaining the policy framework and performing project and system risk assessment globally. From May 2007 to April 2011 member of the HR Business Excellence Team. Handling employee data of 100K employees in over 100 countries. January 2009 ISACA Certified CISM. June 2010 ISACA Certified CRISC. Since May 2011 Global Service / Vendor Quality & Compliance Officer.