• Complain

Saffady - Managing Information Risks: Threats, Vulnerabilities, and Responses

Here you can read online Saffady - Managing Information Risks: Threats, Vulnerabilities, and Responses full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2012, publisher: Rowman & Littlefield Publishers, genre: Business. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Saffady Managing Information Risks: Threats, Vulnerabilities, and Responses
  • Book:
    Managing Information Risks: Threats, Vulnerabilities, and Responses
  • Author:
  • Publisher:
    Rowman & Littlefield Publishers
  • Genre:
  • Year:
    2012
  • Rating:
    3 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 60
    • 1
    • 2
    • 3
    • 4
    • 5

Managing Information Risks: Threats, Vulnerabilities, and Responses: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Managing Information Risks: Threats, Vulnerabilities, and Responses" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Managing Information Risks: Threats, Vulnerabilities, and Responses identifies and categorizes risks related to creation, collection, storage, retention, retrieval, disclosure and ownership of information in organizations of all types and sizes. It is intended for risk managers, information governance specialists, compliance officers, attorneys, records managers, archivists, and other decision-makers, managers, and analysts who are responsible for risk management initiatives related to their organizations information assets.An opening chapter defines and discusses risk terminology and concepts that are essential for understanding, assessing, and controlling information risk. Subsequent chapters provide detailed explanations of specific threats to an organizations information assets, an assessment of vulnerabilities that the threats can exploit, and a review of available options to address the threats and their associated vulnerabilities. Applicable laws, regulations, and standards are cited at appropriate points in the text. Each chapter includes extensive endnotes that support specific points and provide suggestions for further reading.While the book is grounded in scholarship, the treatment is practical rather than theoretical. Each chapter focuses on knowledge and recommendations that readers can use to:heighten risk awareness within their organizations,identify threats and their associated consequences,assess vulnerabilities,evaluate risk mitigation options,define risk-related responsibilities, andalign information-related initiatives and activities with their organizations risk management strategies and policies.Compared to other works, this book deals with a broader range of information risks and draws on ideas from a greater variety of disciplines, including business process management, law, financial analysis, records management, information science, and archival administration. Most books on this topic associate information risk with digital data, information technology, and cyber security. This book covers risks to information of any type in any format, including paper and photographic records as well as digital content.

Saffady: author's other books


Who wrote Managing Information Risks: Threats, Vulnerabilities, and Responses? Find out the surname, the name of the author of the book and a list of all author's works by series.

Managing Information Risks: Threats, Vulnerabilities, and Responses — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Managing Information Risks: Threats, Vulnerabilities, and Responses" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make

Managing Information Risks


Managing Information Risks

Threats, Vulnerabilities, and Responses

William Saffady


ROWMAN & LITTLEFIELD

Lanham Boulder New York London

Published by Rowman & Littlefield

An imprint of The Rowman & Littlefield Publishing Group, Inc.

4501 Forbes Boulevard, Suite 200, Lanham, Maryland 20706

www.rowman.com


6 Tinworth Street, London SE11 5AL, United Kingdom


Copyright 2020 by The Rowman & Littlefield Publishing Group, Inc.


All rights reserved. No part of this book may be reproduced in any form or by any electronic or mechanical means, including information storage and retrieval systems, without written permission from the publisher, except by a reviewer who may quote passages in a review.


British Library Cataloguing in Publication Information Available


Library of Congress Cataloging-in-Publication Data


Names: Saffady, William, 1944 author.

Title: Managing information risks : threats, vulnerabilities, and responses / William Saffady.

Description: Lanham : Rowman & Littlefield, 2020. | Includes bibliographical references and index. | Summary: Written by one of the foremost records and information management leaders in the world, this book provides a clear explanation and analysis of the fundamental principles associated with information risk, which is broadly defined as a combination of threats, vulnerabilities, and consequences related to use of an organizations information assets.Provided by publisher.

Identifiers: LCCN 2020000882 (print) | LCCN 2020000883 (ebook) | ISBN 9781538135488 (cloth) | ISBN 9781538135495 (paperback) | ISBN 9781538135501 (epub)

Subjects: LCSH: Data protection. | Computer security. | RecordsManagement. | Database management. | Risk management.

Classification: LCC HF5548.37 .S24 2020 (print) | LCC HF5548.37 (ebook) | DDC 658.4/038dc23

LC record available at https://lccn.loc.gov/2020000882

LC ebook record available at https://lccn.loc.gov/2020000883


TM The paper used in this publication meets the minimum requirements of - photo 1 TM The paper used in this publication meets the minimum requirements of American National Standard for Information Sciences Permanence of Paper for Printed Library Materials, ANSI/NISO Z39.48-1992.

Preface Information risk is an important topic at the nexus of risk management - photo 2
Preface

Information risk is an important topic at the nexus of risk management and information governance, two disciplines with closely aligned objectives. Risk management is responsible for identifying, analyzing, and controlling threats to an organizations assets. Information governance supports this responsibility by developing effective strategies, policies, and initiatives to identify, assess, and address risks associated with an organizations information assets. The two disciplines have a complementary relationship, and they must work together to fulfill their responsibilities.

This book is intended for risk managers, information governance specialists, compliance officers, attorneys, records managers, data scientists, archivists, librarians, and other decision-makers, managers, and analysts who are involved in or need to be aware of risk management initiatives related to their organizations information assets. The book can also be used as a textbook by colleges and universities that offer courses in risk management, information governance, or related topics at the graduate or advanced undergraduate level. In particular, the book may be useful for a curriculum that combines risk management with records management, knowledge management, information science, health informatics, information system design, data protection, and other information-related subjects.

Google Trends, a website that analyzes the popularity of Google searches, shows a steady level of worldwide search activity over the past five years for the phrase information risk, with most of the searches originating in the United States and United Kingdom. The level of search activity is higher and the range of geographic interest is broader for the terms information and risk searched together in a Boolean expression rather than as a phrase. For the same period, a Google Scholar search for the phrase information risk retrieved approximately 11,500 citations, while a search of the two terms in a Boolean expression retrieved over 1.3 million citations.

Google search results suggest that information risk is strongly associated with information technology in general and cybersecurity in particular, but information risk is not limited to computer data. It encompasses organizational information assets of any type in any format, including paper and photographic records as well as digital content stored on premises or by cloud service providers. Reflecting this broader view, this book discusses risks related to creation, collection, storage, retention, retrieval, disclosure, and ownership of information in organizations of all types and sizes. Chapter 1 provides an introduction to risk terms and concepts that are essential for understanding, assessing, and controlling information risk. Taking a taxonomic approach, the remaining chapters identify and categorize threats and discuss vulnerabilities and risk responses related to the following topics:

  • Chapter 2 deals with risks associated with creation and collection of information, including failure to collect information required by laws and regulations; unauthorized collection of personal information; illegal collection of nonpublic information; creation or collection of information with objectionable, defamatory, or private content; and creation or collection of poor-quality information.

  • Chapter 3 discusses loss of information due to natural disasters, malicious human actions, accidents, and fire.

  • Chapter 4 identifies risks associated with retention and destruction of information, including noncompliance with laws and regulations that require retention, preservation, or destruction of information; retaining information longer than necessary; destroying information that needs to be kept; and media instability and obsolescence problems that affect the usability of information.

  • Chapter 5 discusses risks associated with information retrieval and disclosure, including retrieval failures, metadata mining, noncompliance with laws and regulations that mandate information disclosure, failure to prevent unauthorized disclosure of information, prohibitions on cross-border transfer of information, and noncompliance with data breach notification laws.

  • Chapter 6 deals with risks associated with ownership of information, including infringement of intellectual property rights, the impact of the work-for-hire doctrine, loss of ownership of trade secrets, and data portability laws and regulations that affect ownership of personal information.

Each chapter begins with a brief overview that summarizes key risks related to the topic at hand, followed by a detailed explanation of each threat, an assessment of vulnerabilities that the threat can exploit, and a review of available options to address the threat and its associated vulnerabilities. Chapters 2 through 6 are self-contained and can be read in any order, but reference is occasionally made to related points that are discussed in other chapters.

Individual chapters include extensive endnotes that cite publications to support specific points and provide suggestions for further reading about risk related topics. Some endnotes also include comments or additional details about matters discussed in the text. Links are provided to the full text of cited publications if they are available via a reliable web site that is likely to be accessible for the foreseeable future. Otherwise, a digital object identifier (DOI) or other persistent identifier is cited for a given publication where available.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Managing Information Risks: Threats, Vulnerabilities, and Responses»

Look at similar books to Managing Information Risks: Threats, Vulnerabilities, and Responses. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Managing Information Risks: Threats, Vulnerabilities, and Responses»

Discussion, reviews of the book Managing Information Risks: Threats, Vulnerabilities, and Responses and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.