Overview
The Information Protection Playbook is a comprehensive resource for information protection (IP) professionals who must provide adequate at a reasonable cost. It emphasizes a holistic view of IP: one that protects applications, systems, and networks that deliver business information from failures of confidentiality, integrity, availability, trust and accountability, and privacy. Using the guidelines in the playbook, security and IT managers will learn to implement the five functions of an IP framework: governance, program planning, risk management, incident response management, and program administration. These functions are based on a model promoted by the Information Systems Audit and Control Association (ISACA) and validated by thousands of Certified Information Security Managers. The extensive appendices at the end of the book are an excellent resource for security or IT managers building an IP program. They include a board of directors presentation with sample slides; an IP policy document checklist; a risk prioritization procedure matrix, a facility management self-assessment questionnaire; and a representative job descriptions for IP roles. The Information Protection Playbook is a part of Elsevier\'s Security Executive Council Risk Management Portfolio-real-world solutions and "how-to" guidelines that provide executives, practitioners, and educators with proven information for successful security and risk management programs.