Managing Risk in Information Systems (3rd Edition)

Specifications

Book Description

“Managing Risk in Information Systems (Information Systems Security & Assurance),” authored by Darril Gibson and Andy Igonor, is a textbook that focuses on the critical aspect of risk management within the context of information systems security. This third edition provides updated insights into managing risks and ensuring the security of information systems.

Key features of the third edition include:

1. Comprehensive Coverage: The textbook offers a comprehensive examination of risk management concepts specific to information systems security. It covers risk assessment, risk analysis, risk mitigation, and risk monitoring within the context of securing information systems.
2. Practical Applications: Gibson and Igonor emphasize practical applications of risk management principles. The book provides real-world examples, case studies, and scenarios to help students understand how to apply risk management concepts in different situations.
3. Aligned with Industry Standards: The content is aligned with industry standards and frameworks, such as those from the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST). This ensures that the material is relevant and in line with widely accepted best practices.
4. Updated Information: The third edition includes updated information on emerging threats, technologies, and trends in the field of information systems security. It reflects the dynamic nature of the cybersecurity landscape.
5. Risk Management Frameworks: The authors discuss various risk management frameworks, helping readers understand the structured processes and methodologies for identifying, assessing, and mitigating risks.
6. Interactive Learning Resources: The textbook may include online resources, exercises, and tools to enhance the learning experience. These resources can be valuable for students and instructors alike.
7. Accessible Language: The authors use clear and accessible language, making the material suitable for students and professionals with varying levels of expertise in information systems security.

“Managing Risk in Information Systems” is often used in courses related to information systems security, cybersecurity, and risk management. It serves as a valuable resource for students and professionals seeking a practical understanding of how to identify, assess, and manage risks in the dynamic and ever-evolving field of information security.