Includes bibliographical references and index.

Machine generated contents note: Part I Information Security Infrast ructure -- 1: The Need for Information Security -- 2: Concepts in Infor maiton Security -- 3: Assets, Threats, Vulnerabilities, Risks, and Cont rols -- 4: Security Professionals and Organizations -- 5: Information S ecurity management System -- 6: Implementing Information Security Strat egy into Current Practices, Regulations, and Plans -- Part II Informati on Security Planning Process -- 7: Approaches to Implementing Informati on Security -- 8: Organizational Structure for Mananging Information Se curity -- 9: Asset Management -- 10: Information Security Risk Manageme nt -- 11: Information Security Policy -- 12: Human Resouce Security -- 13: Certification, Accreditation, and Assurance -- Part III Information Security Prevention Process -- 14: Information Security in System Deve lopment -- 15: Physical and Environmental Security Controls -- 16: Info rmation Security Awareness, Training, and Education -- 17: Preventive T ools and Techniques -- 18: Access Control -- Part IV Information Securi ty Detection Process -- 19: Information Security Monitoring Tools and M ethods -- 20: Information Security Measurements and Metrics -- Part V I nformation Security Recovery Process -- 21: Information Security Incide nt Handling -- 22: Computer Forensics -- 23: Business Continuity -- 24: Backup and Restoration -- Appendices.

"Information Assurance Handbook: Effective Computer Security and Ris k Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches a nd other information assurance failures. This practical resource explai ns how to integrate information assurance into your enterprise planning and IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for sma ll business and global enterprises alike"-- Provided by publisher.