TY - BOOK
AU - Kohnke,Anne
AU - Shoemaker,Dan
AU - Sigler,Kenneth
TI - The complete guide to cybersecurity risks and controls
T2 - Internal audit and IT audit
SN - 9781498740548
U1 - 005.8
PY - 2016///
CY - Boca Raton
PB - CRC Press, Taylor & Francis Group
KW - Computer security
KW - lemb
KW - Risk
KW - Security measures
KW - Information technology
N1 - "An Auerbach book."; Includes bibliography; Why cybersecurity management is important - Computing and culture shock - Control-based information governance, what it is and how it works - The value of formal control - A survey of control frameworks, general structure, and application - What is information security governance? - IT governance frameworks-an overview - IT security controls - What are controls and why are they important? - Picking up where chapter 1 left off - Goal-based security controls - Implementation-based security controls - the security control formulation and development process - Setting the stage for control implementation through security architecture design - Implementing a multitiered governance and control framework in a business - Constructing practical systems of controls - Practical implementation: how to establish a real, working control framework - Ensuring long-term control capability - Risk management and prioritization using a control perspective - Ensuring that risk management process supports the organization - the five elements of the risk management process - Control formulation and implementation process - The control formulation process - Creating and documenting control objectives - Creating a management-level control process - Assessing control performance - Measurement-based assurance of controls - Assessing and remediating the control environment - Developing a comprehensive ICT control program - Security control validation and verification - Security control assessment fundamentals - NIST security control assessment process - Control testing and examination application - Control framework sustainment and security of operations - Operational control assurance: aligning purpose with practice - Operational assurance (sensing) – Analysis - Response Management (Responding) - Operational oversight and infrastructure assurance of control set integrity.; M. de ciberseguridad
ER -