Outlines
Part 1: Introduction
Security Architecture
Module 1: Meaning of Security
The Cultural Legacy: Business Prevention
Measuring and Prioritizing Business Risk
Information Security as the Enabler of Business
Adding Value to the Core Product
Empowering the Customers
Protecting Relationships and Leveraging Trust
To Summarize: What Does Security Mean?
Module 2: The Meaning of Architecture
The Origin of Architecture
Managing Complexity
Information Systems Architecture
Enterprise Security Architecture
Why Architecture Sometimes Fails to Deliver Benefit – and How to Avoid That Fate?
Security Architecture Needs a Holistic Approach
To Summarize: What Does Architecture Mean?
Module 3: Security Architecture Model
The SABSA Model
The Architect’s Model
The Designer’s Model
The Builder’s Model
The Tradesman’s Model
The Facilities Manager’s View
The Inspector’s View
The SABSA Matrix
Detailed SABSA Matrix for the Operational Layer
To Summarize: The Security Architecture Model
Module 4: Case Study
Module 5: A Systems Approach
The Role of System Engineering
Why a System Approach?
What Does a System Approach Make You Do?
The Need for System Engineering in Security Architecture
Some Basic Concepts
The Control System Concept
Using the Systems Approach in Security Architecture
Advanced Modeling Techniques
To Summarize: A Systems Approach
Module 6: Measuring Return on Investment in Security Architecture
What is Meant by ‘Return on Investment’?
Why Do You Need Metrics?
The Security Management Dashboard
The Balanced Scorecard Approach
Business Drivers and Traceability
Business Attributes and Metrics
Setting Up a Metrics Framework
Maturity Models Applied to Security Architecture
Module 7: Practical Guide Manual
Using the SABSA Model to Define a Development Process
Strategy and Concept Phase
Design Phase
Implementation Phase
Manage and Measure Phase
To Summarize: How to Use This Book as a Practical Guide
Module 8: Managing Security Architecture Program
Selling the Benefits of Security Architecture
Getting Sponsorship and Budget
Building a Team
Getting Started: Fast Track Workshops
Program Planning and Management
Collecting the Information You Need
Architecture Governance and Compliance
Architecture Maintenance
Long-Term Confidence of Senior Management
To Summarize: Managing the Security Architecture Program
Part 2: Strategy & Planning
Strategy and Planning
Contextual Security Architecture
Conceptual Security Architecture
Module 9: Contextual Security Architecture
Business Needs for Information Security
Security as a Business Enabler
Digital Business
Operational Continuity and Stability
Safety-Critical Dependencies
Business Goals, Success Factors and Operational Risks
Organization and Relationships Affecting Business Security Needs
Location Dependence of Business Security Needs
To Summarize: Contextual Security Architecture
Module 10: Conceptual Security Architecture
Conceptual Thinking
Business Attributes Profile
Control Objectives
Security Strategies and Architectural Layering
Security Entity Model and Trust Framework
Security Domain Model
Security Lifetimes and Deadlines
Assessing the Current State of Your Security Architecture
To Summarize: Conceptual Security Architecture
Part 3: Design
Design
Logical Security Architecture
Physical Security Architecture
Component Security Architecture
Module 11: Logical Security Architecture
Business Information Model
Security Policies
Security Services
Application and Systems Security Services
Security Management Services
Entity Schema and Privilege Profiles
Security Domain Definition and Associations
Security Improvement Program
To Summarize: Logical Security Architecture
Module 12: Physical Security Architecture
Business Data Model
Security Rules, Practices and Procedures
Security Mechanisms
User and Application Security
Platform and Network Infrastructure Security
Control Structure Execution
To Summarize: Physical Security Architecture
Module 13: Component Security Architecture
Detailed Data Structures
Security Standards
Security Products and Tools
Identities, Functions, Actions and ACLs
Process, Nodes, Addresses and Protocols
Security Step-Timing and Sequencing
To Summarize: Component Security Architecture
Part 4: Operations
Operations
Operations Security Architecture
Module 14: Security Policy Management
The Meaning of Security Policy
Structuring the Content of a Security Policy
Policy Hierarchy and Architecture
Corporate Security Policy
Policy Principles
Information Classification
System Classification
CA and RA Security Policies
Application System Security Policies
Platform Security Policies
Network Security Policies
Other Infrastructure Security Policies
Security Organization and Responsibilities
Security Culture Development
Outsourcing Strategy and Policy Management
To Summarize: Security Policy Management
Module 15: Operational Risk Management
Introduction to Operational Risk Management
Regulatory Drivers for Operational Risk Management
The Complexity of Operational Risk Management
Approaches to Risk Management
Managing Operational Risk
Risk Mitigation
Risk-Based Security Reviews
Risk Financing
The Risk Management Dashboard
To Summarize: Operational Risk Management
Module 16: Assurance Management
Assurance of Operational Continuity
Organizational Security Audits
System Security Audits
System Assurance Strategy
Functional Testing
Penetration Testing
To Summarize: Assurance Management
Module 17: Security Administration and Operations
Introduction to Security Administration and Operations
Managing the People
Managing Physical and Environmental Security
Managing ICT Operational and Support
Access Control Management
Compliance Management
Security-Specific Operations
Managed Security Services
Product Evaluation and Selection
Business Continuity Management
To Summarize: Security Administration and Operations