Official (ISC)2® Guide to the CAP® CBK®, Second Edition

Official (ISC)2® Guide to the CAP® CBK®, Second Edition

4.11 - 1251 ratings - Source

Significant developments since the publication of its bestselling predecessor, Building and Implementing a Security Certification and Accreditation Program, warrant an updated text as well as an updated title. Reflecting recent updates to the Certified Authorization Professional (CAPAr) Common Body of Knowledge (CBKAr) and NIST SP 800-37, the Official (ISC)2Ar Guide to the CAPAr CBKAr, Second Edition provides readers with the tools to effectively secure their IT systems via standard, repeatable processes. Derived from the authora€™s decades of experience, including time as the CISO for the Nuclear Regulatory Commission, the Department of Housing and Urban Development, and the National Science Foundationa€™s Antarctic Support Contract, the book describes what it takes to build a system security authorization program at the organizational level in both public and private organizations. It analyzes the full range of system security authorization (formerly CaA) processes and explains how they interrelate. Outlining a user-friendly approach for top-down implementation of IT security, the book: Details an approach that simplifies the authorization process, yet still satisfies current federal government criteria Explains how to combine disparate processes into a unified risk management methodology Covers all the topics included in the Certified Authorization Professional (CAPAr) Common Body of Knowledge (CBKAr) Examines U.S. federal polices, including DITSCAP, NIACAP, CNSS, NIAP, DoD 8500.1 and 8500.2, and NIST FIPS Reviews the tasks involved in certifying and accrediting U.S. government information systems Chapters 1 through 7 describe each of the domains of the (ISC)2Ar CAPAr CBKAr. This is followed by a case study on the establishment of a successful system authorization program in a major U.S. government department. The final chapter considers the future of system authorization. The booka€™s appendices include a collection of helpful samples and additional information to provide you with the tools to effectively secure your IT systems.... DR, designated representative; ISO, information system owner; IO/IS, information owner/steward; RE(F) risk executive (function) ..., .hybrid, .and. common.controls.;...

Title:Official (ISC)2® Guide to the CAP® CBK®, Second Edition
Author:Patrick D. Howard
Publisher:CRC Press - 2012-07-18


You Must CONTINUE and create a free account to access unlimited downloads & streaming