This website uses cookies. View our cookie policy
Select regional store:
Information Security Management Principles: An ISEB Certificate

Information Security Management Principles - Second Edition

SKU: 2121
Authors: David Alexander, Amanda Finch, David Sutton and Andy Taylor
Publishers: British Computer Society
Format: Softcover
ISBN13: 9781780171753
ISBN10: 1780171757
Pages: 220
Published: 18 Jun 2013
Availability: In Stock
This guide from the British Computer society (BCS) offers clear and comprehensive information on information security management and also supports the BCS Certificate in Information Security Management Principles (CISMP).
Price: $39.00


The official textbook for the BCS Certificate in Information Security Management Principles (CISMP) qualification.

Now in its second edition, Information Security Management Principles has been updated to reflect the latest changes in the CISMP syllabus as well as technological developments such as Cloud Computing. The remainder of the contents have been reviewed and reordered to reflect the changes to the BCS CISMP, which the book supports.

Information Security Management Principles focuses on the three main areas of information assurance (confidentiality, integrity and availability) and provides business and IT managers the skills to identify threats and protect against them.

  • Better understand information threats, vulnerabilities and countermeasures.
  • Manage emerging risks caused by ‘hyper-connectivity’.
  • Learn best practice from experienced authors.
  • Includes security of cloud-based resources.
  • Supports BCS Certification in IS Management Principles.


"The best thing about the book is the inclusion of a case helps the reader to not only understand the topics provided in the text but to also try to apply them to real world challenges and situations. It makes the book very easy to understand and comprehend and the effort required to remember or memorise the difficult concepts becomes negligible". Manish Sehgal

Click to expand full contents »

  1. Information Security Principles
    Concepts and definitions
    The need for, and benefits of, information security
    Pointers for activities in this chapter

  2. Information Risk
    Threats to, and vulnerabilities of, information systems
    Risk management
    Pointers for activities in this chapter

  3. Information Security Framework
    Organisation and responsibilities
    Organisational policy standards and procedures
    Information security governance
    Information security implementation
    Security incident management
    Legal framework
    Security standards and procedures
    Pointers for activities in this chapter

  4. Procedural and People Security Controls
    User Access Controls
    Training and awareness
    Pointers for activities in this chapter

  5. Technical Security Controls
    Protection from malicious software
    Networks and communications
    External services
    Cloud computing
    IT infrastructure
    Pointers for activities in this chapter

  6. Software Development and Life Cycle
    Testing, audit and review
    Systems development and support
    Pointers for activities in this chapter

  7. Physical and Environmental Security
    Learning outcomes
    General controls
    Physical security
    Technical security
    Procedural security
    Protection of equipment
    Processes to handle intruder alerts
    Clear screen and desk policy
    Moving property on and off site
    Procedures for secure disposal
    Security requirements in delivery and loading areas
    Pointers for activities in this chapter

  8. Disaster Recovery and Business Continuity Management
    Learning outcomes
    DR/BCP, risk assessment and impact analysis
    Writing and implementing plans
    Documentation, maintenance and testing
    Links to managed service provision and outsourcing
    Secure off-site storage of vital material
    Involvement of personnel, suppliers and IT systems providers
    Security incident management
    Compliance with standards
    Pointers for the activity in this chapter

  9. Other Technical Aspects
    Investigations and forensics
    Role of cryptography
    Pointers for the activity in this chapter

Customer Reviews

(0# of Ratings:)