Print Textbook & Case Study Lab Access: 180-day subscription. Please confirm the ISBNs used in your course with your instructor before placing your order; your institution may use a custom integration or an access portal that requires a different access code. The Second Edition of Auditing IT Infrastructures for Compliance provides a unique, in-depth look at recent U.S. based Information systems and IT infrastructures compliance laws in both the public and private sector. Written by industry experts, this book provides a comprehensive explanation of how to audit IT infrastructures for compliance based on the laws and the need to protect and secure business and consumer privacy data. Using examples and exercises, this book incorporates hands-on activities to prepare readers to skillfully complete IT compliance auditing.

The Laboratory Manual Version 1.5 To Accompany Auditing IT Infrastructures For Compliance Is The Lab Companion To Martin Weiss And Michael G. Solomon's Auditing IT Infrastructure For Compliance. It Provides Hands-On Exercises, Each With Measurable Learning Outcomes About The Series Visit Www.Issaseries.Com For A Complete Look At The Series! The Jones & Bartlett Learning Information System & Assurance Series Delivers Fundamental IT Security Principles Packed With Real-World Applications And Examples For IT Security, Cybersecurity, Information Assurance, And Information Systems Security Programs. Authored By Certified Information Systems Security Professionals (Cissps), And Reviewed By Leading Technical Experts In The Field, These Books Are Current, Forward-Thinking Resources That Enable Readers To Solve The Cybersecurity Challenges Of Today And Tomorrow.

Print Textbook & Case Study Lab Access: 180-day subscription. Revised and updated to address the many changes in this evolving field, the Second Edition of Legal Issues in Information Security addresses the area where law and information security concerns intersect. Information systems security and legal compliance are now required to protect critical governmental and corporate infrastructure, intellectual property created by individuals and organizations alike, and information that individuals believe should be protected from unreasonable intrusion. Organizations must build numerous information security and privacy responses into their daily operations to protect the business itself, fully meet legal requirements, and to meet the expectations of employees and customers. Labs: Lab 1: Creating an IT Infrastructure Asset List and Identifying Where Privacy Data Resides Lab 2: Case Study on U.S. Veteran Affairs and Loss of Private Information Lab 3: Case Study on PCI DSS Non-Compliance: CardSystems Solutions Lab 4: Analyzing and Comparing GLBA and HIPAA Lab 5: Case Study on Issues Related to Sharing Consumers' Confidential Information Lab 6: Identifying the Scope of Your State's Data and Security Breach Notification Law Lab 7: Case Study on Digital Millennium Copyright Act: Napster Lab 8: Cyberstalking or Cyberbullying and Laws to Protect Individuals Lab 9: Recommending IT Security Policies to Help Mitigate Risk Lab 10: Case Study on Computer Forensics: Pharmaceutical Company

"Auditing IT Infrastructures for Compliance, Second Edition provides a unique, in-depth look at U.S. based Information systems and IT infrastructures compliance laws in the public and private sector. This book provides a comprehensive explanation of how to audit IT infrastructures for compliance based on the laws and the need to protect and secure

This second edition provides a comprehensive overview of the SSCP Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance. Written by industry experts, and using a wealth of examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk. It provides a modern and comprehensive view of information security policies and frameworks; examines the technical knowledge and software skills required for policy implementation; explores the creation of an effective IT security policy framework; discusses the latest governance, regulatory mandates, business drives, legal considerations, and much more. --

PART OF THE JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Revised and updated with the latest information from this fast-paced field, Fundamentals of Information System Security, Second Edition provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of the new risks, threats, and vulnerabilities associated with the transformation to a digital world, including a look at how business, government, and individuals operate today. Part 2 is adapted from the Official (ISC)2 SSCP Certified Body of Knowledge and presents a high-level overview of each of the seven domains within the System Security Certified Practitioner certification. The book closes with a resource for readers who desire additional material on information security standards, education, professional certifications, and compliance laws. With its practical, conversational writing style and step-by-step examples, this text is a must-have resource for those entering the world of information systems security. New to the Second Edition: - New material on cloud computing, risk analysis, IP mobility, OMNIBus, and Agile Software Development. - Includes the most recent updates in Information Systems Security laws, certificates, standards, amendments, and the proposed Federal Information Security Amendments Act of 2013 and HITECH Act. - Provides new cases and examples pulled from real-world scenarios. - Updated data, tables, and sidebars provide the most current information in the field.

"This book offers a comprehensive, end-to-end view of information security policies and frameworks from the raw organizational mechanics of building to the psychology of implementation. Written by an industry expert, it presents an effective balance between technical knowledge and soft skills, and introduces many different concepts of information security in clear simple terms such as governance, regulator mandates, business drivers, legal considerations, and much more. With step-by-step examples and real-world exercises, this book is a must-have resource for students, security officers, auditors, and risk leaders looking to fully understand the process of implementing successful sets of security policies and frameworks."--