Building a cyber risk management program: evolving security for the digital age
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Elektronisch E-Book |
| Sprache: | English |
| Veröffentlicht: |
Beijing
O'Reilly
[2024]
|
| Schlagworte: | |
| Online-Zugang: | FHD01 |
| Beschreibung: | 1 Online-Ressource (xiv, 204 Seiten) |
| ISBN: | 9781098147754 |
Internformat
MARC
| LEADER | 00000nmm a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV049494654 | ||
| 003 | DE-604 | ||
| 005 | 20240226 | ||
| 007 | cr|uuu---uuuuu | ||
| 008 | 240110s2024 |||| o||u| ||||||eng d | ||
| 020 | |a 9781098147754 |9 978-1-098-14775-4 | ||
| 035 | |a (OCoLC)1418706378 | ||
| 035 | |a (DE-599)BVBBV049494654 | ||
| 040 | |a DE-604 |b ger |e rda | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-1050 |a DE-83 | ||
| 084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
| 100 | 1 | |a Allen, Brian |e Verfasser |4 aut | |
| 245 | 1 | 0 | |a Building a cyber risk management program |b evolving security for the digital age |c Brian Allen and Brandon Bapst with Terry Allan Hicks |
| 264 | 1 | |a Beijing |b O'Reilly |c [2024] | |
| 300 | |a 1 Online-Ressource (xiv, 204 Seiten) | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b c |2 rdamedia | ||
| 338 | |b cr |2 rdacarrier | ||
| 505 | 8 | |a Intro -- Copyright -- Table of Contents -- Preface -- Brian's Story -- Brandon's Story -- Bringing It Together -- Who Should Read This Book -- Final Thoughts -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Cybersecurity in the Age of Digital Transformation -- The Fourth Industrial Revolution -- Cybersecurity Is Fundamentally a Risk Practice -- Cyber Risk Management Oversight and Accountability -- Digital Transformation and Maturing the Cyber Risk Management Program -- Cybersecurity Isn't Just a "Security" Concern | |
| 505 | 8 | |a Cyber Risk Management Program: An Urgent Enterprise Concern -- This Book's Roadmap -- The Bottom Line -- Chapter 2. The Cyber Risk Management Program -- The SEC Speaks-and the World Listens -- Incident Disclosure ("Current Disclosures") -- Risk Management, Strategy, and Governance Disclosures ("Periodic Disclosures") -- The Cyber Risk Management Program Framework -- Cyber Risk Management Program: Key Drivers -- Satisfying Obligations and Liability -- When Risk Management Fails Completely: The Boeing 737 MAX Disasters -- Risk Management Program Applied to the Boeing Disasters | |
| 505 | 8 | |a "Essential and Mission Critical": The Boeing Case -- Benefits of a Security Risk Program -- Benefit 1: Strategic Recognition of the Security Risk Function -- Benefit 2: Ensuring the Cyber Risk Function Has an Effective Budget -- Benefit 3: Protections for Risk Decision Makers -- CRMP: Systematic but Not Zero-Risk -- Board Accountability and Legal Liability -- The Boeing Ruling and Cyber Risk Oversight Accountability -- CISOs in the Line of Fire for Liability -- The Bottom Line -- Chapter 3. Agile Governance -- The Uber Hack Cover-Up -- What Does Good Governance Look Like? | |
| 505 | 8 | |a Aligning with the Enterprise Governance Strategy -- Seven Principles of Agile Governance -- Principle 1: Establish Policies and Processes -- Principle 2: Establish Governance and Roles and Responsibilities Across the "Three Lines Model" -- Principle 3: Align Governance Practices with Existing Risk Frameworks -- Principle 4: Board of Directors and Senior Executives Define Scope -- Principle 5: Board of Directors and Senior Executives Provide Oversight -- Principle 6: Audit Governance Processes -- Principle 7: Align Resources to the Defined Roles and Responsibilities -- The Bottom Line | |
| 505 | 8 | |a Chapter 4. Risk-Informed System -- Why Risk Information Matters-at the Highest Levels -- Risk and Risk Information Defined -- Five Principles of a Risk-Informed System -- Principle 1: Define a Risk Assessment Framework and Methodology -- Principle 2: Establish a Methodology for Risk Thresholds -- Principle 3: Establish Understanding of Risk-Informed Needs -- Principle 4: Agree on a Risk Assessment Interval -- Principle 5: Enable Reporting Processes -- The Bottom Line -- Chapter 5. Risk-Based Strategy and Execution -- ChatGPT Shakes the Business World -- AI Risks: Two Tech Giants Choose Two Paths | |
| 650 | 0 | 7 | |a Risikomanagement |0 (DE-588)4121590-4 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 0 | 1 | |a Risikomanagement |0 (DE-588)4121590-4 |D s |
| 689 | 0 | |5 DE-604 | |
| 700 | 1 | |a Bapst, Brandon |e Verfasser |4 aut | |
| 700 | 1 | |a Hicks, Terry Allan |e Verfasser |4 aut | |
| 776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe |z 978-1-098-14779-2 |
| 912 | |a ZDB-4-NLEBK |a ZDB-30-PQE | ||
| 999 | |a oai:aleph.bib-bvb.de:BVB01-034839905 | ||
| 966 | e | |u https://ebookcentral.proquest.com/lib/th-deggendorf/detail.action?docID=30985588 |l FHD01 |p ZDB-30-PQE |q FHD01_PQE_Kauf |x Aggregator |3 Volltext | |
Datensatz im Suchindex
| _version_ | 1804186296464179200 |
|---|---|
| adam_txt | |
| any_adam_object | |
| any_adam_object_boolean | |
| author | Allen, Brian Bapst, Brandon Hicks, Terry Allan |
| author_facet | Allen, Brian Bapst, Brandon Hicks, Terry Allan |
| author_role | aut aut aut |
| author_sort | Allen, Brian |
| author_variant | b a ba b b bb t a h ta tah |
| building | Verbundindex |
| bvnumber | BV049494654 |
| classification_rvk | ST 277 |
| collection | ZDB-4-NLEBK ZDB-30-PQE |
| contents | Intro -- Copyright -- Table of Contents -- Preface -- Brian's Story -- Brandon's Story -- Bringing It Together -- Who Should Read This Book -- Final Thoughts -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Cybersecurity in the Age of Digital Transformation -- The Fourth Industrial Revolution -- Cybersecurity Is Fundamentally a Risk Practice -- Cyber Risk Management Oversight and Accountability -- Digital Transformation and Maturing the Cyber Risk Management Program -- Cybersecurity Isn't Just a "Security" Concern Cyber Risk Management Program: An Urgent Enterprise Concern -- This Book's Roadmap -- The Bottom Line -- Chapter 2. The Cyber Risk Management Program -- The SEC Speaks-and the World Listens -- Incident Disclosure ("Current Disclosures") -- Risk Management, Strategy, and Governance Disclosures ("Periodic Disclosures") -- The Cyber Risk Management Program Framework -- Cyber Risk Management Program: Key Drivers -- Satisfying Obligations and Liability -- When Risk Management Fails Completely: The Boeing 737 MAX Disasters -- Risk Management Program Applied to the Boeing Disasters "Essential and Mission Critical": The Boeing Case -- Benefits of a Security Risk Program -- Benefit 1: Strategic Recognition of the Security Risk Function -- Benefit 2: Ensuring the Cyber Risk Function Has an Effective Budget -- Benefit 3: Protections for Risk Decision Makers -- CRMP: Systematic but Not Zero-Risk -- Board Accountability and Legal Liability -- The Boeing Ruling and Cyber Risk Oversight Accountability -- CISOs in the Line of Fire for Liability -- The Bottom Line -- Chapter 3. Agile Governance -- The Uber Hack Cover-Up -- What Does Good Governance Look Like? Aligning with the Enterprise Governance Strategy -- Seven Principles of Agile Governance -- Principle 1: Establish Policies and Processes -- Principle 2: Establish Governance and Roles and Responsibilities Across the "Three Lines Model" -- Principle 3: Align Governance Practices with Existing Risk Frameworks -- Principle 4: Board of Directors and Senior Executives Define Scope -- Principle 5: Board of Directors and Senior Executives Provide Oversight -- Principle 6: Audit Governance Processes -- Principle 7: Align Resources to the Defined Roles and Responsibilities -- The Bottom Line Chapter 4. Risk-Informed System -- Why Risk Information Matters-at the Highest Levels -- Risk and Risk Information Defined -- Five Principles of a Risk-Informed System -- Principle 1: Define a Risk Assessment Framework and Methodology -- Principle 2: Establish a Methodology for Risk Thresholds -- Principle 3: Establish Understanding of Risk-Informed Needs -- Principle 4: Agree on a Risk Assessment Interval -- Principle 5: Enable Reporting Processes -- The Bottom Line -- Chapter 5. Risk-Based Strategy and Execution -- ChatGPT Shakes the Business World -- AI Risks: Two Tech Giants Choose Two Paths |
| ctrlnum | (OCoLC)1418706378 (DE-599)BVBBV049494654 |
| discipline | Informatik |
| discipline_str_mv | Informatik |
| format | Electronic eBook |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>04516nmm a2200445 c 4500</leader><controlfield tag="001">BV049494654</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20240226 </controlfield><controlfield tag="007">cr|uuu---uuuuu</controlfield><controlfield tag="008">240110s2024 |||| o||u| ||||||eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781098147754</subfield><subfield code="9">978-1-098-14775-4</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1418706378</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV049494654</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-1050</subfield><subfield code="a">DE-83</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Allen, Brian</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Building a cyber risk management program</subfield><subfield code="b">evolving security for the digital age</subfield><subfield code="c">Brian Allen and Brandon Bapst with Terry Allan Hicks</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Beijing</subfield><subfield code="b">O'Reilly</subfield><subfield code="c">[2024]</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 Online-Ressource (xiv, 204 Seiten)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Intro -- Copyright -- Table of Contents -- Preface -- Brian's Story -- Brandon's Story -- Bringing It Together -- Who Should Read This Book -- Final Thoughts -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Cybersecurity in the Age of Digital Transformation -- The Fourth Industrial Revolution -- Cybersecurity Is Fundamentally a Risk Practice -- Cyber Risk Management Oversight and Accountability -- Digital Transformation and Maturing the Cyber Risk Management Program -- Cybersecurity Isn't Just a "Security" Concern</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Cyber Risk Management Program: An Urgent Enterprise Concern -- This Book's Roadmap -- The Bottom Line -- Chapter 2. The Cyber Risk Management Program -- The SEC Speaks-and the World Listens -- Incident Disclosure ("Current Disclosures") -- Risk Management, Strategy, and Governance Disclosures ("Periodic Disclosures") -- The Cyber Risk Management Program Framework -- Cyber Risk Management Program: Key Drivers -- Satisfying Obligations and Liability -- When Risk Management Fails Completely: The Boeing 737 MAX Disasters -- Risk Management Program Applied to the Boeing Disasters</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">"Essential and Mission Critical": The Boeing Case -- Benefits of a Security Risk Program -- Benefit 1: Strategic Recognition of the Security Risk Function -- Benefit 2: Ensuring the Cyber Risk Function Has an Effective Budget -- Benefit 3: Protections for Risk Decision Makers -- CRMP: Systematic but Not Zero-Risk -- Board Accountability and Legal Liability -- The Boeing Ruling and Cyber Risk Oversight Accountability -- CISOs in the Line of Fire for Liability -- The Bottom Line -- Chapter 3. Agile Governance -- The Uber Hack Cover-Up -- What Does Good Governance Look Like?</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Aligning with the Enterprise Governance Strategy -- Seven Principles of Agile Governance -- Principle 1: Establish Policies and Processes -- Principle 2: Establish Governance and Roles and Responsibilities Across the "Three Lines Model" -- Principle 3: Align Governance Practices with Existing Risk Frameworks -- Principle 4: Board of Directors and Senior Executives Define Scope -- Principle 5: Board of Directors and Senior Executives Provide Oversight -- Principle 6: Audit Governance Processes -- Principle 7: Align Resources to the Defined Roles and Responsibilities -- The Bottom Line</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Chapter 4. Risk-Informed System -- Why Risk Information Matters-at the Highest Levels -- Risk and Risk Information Defined -- Five Principles of a Risk-Informed System -- Principle 1: Define a Risk Assessment Framework and Methodology -- Principle 2: Establish a Methodology for Risk Thresholds -- Principle 3: Establish Understanding of Risk-Informed Needs -- Principle 4: Agree on a Risk Assessment Interval -- Principle 5: Enable Reporting Processes -- The Bottom Line -- Chapter 5. Risk-Based Strategy and Execution -- ChatGPT Shakes the Business World -- AI Risks: Two Tech Giants Choose Two Paths</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Bapst, Brandon</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Hicks, Terry Allan</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Druck-Ausgabe</subfield><subfield code="z">978-1-098-14779-2</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-NLEBK</subfield><subfield code="a">ZDB-30-PQE</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-034839905</subfield></datafield><datafield tag="966" ind1="e" ind2=" "><subfield code="u">https://ebookcentral.proquest.com/lib/th-deggendorf/detail.action?docID=30985588</subfield><subfield code="l">FHD01</subfield><subfield code="p">ZDB-30-PQE</subfield><subfield code="q">FHD01_PQE_Kauf</subfield><subfield code="x">Aggregator</subfield><subfield code="3">Volltext</subfield></datafield></record></collection> |
| id | DE-604.BV049494654 |
| illustrated | Not Illustrated |
| index_date | 2024-07-03T23:20:17Z |
| indexdate | 2024-07-10T10:08:52Z |
| institution | BVB |
| isbn | 9781098147754 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-034839905 |
| oclc_num | 1418706378 |
| open_access_boolean | |
| owner | DE-1050 DE-83 |
| owner_facet | DE-1050 DE-83 |
| physical | 1 Online-Ressource (xiv, 204 Seiten) |
| psigel | ZDB-4-NLEBK ZDB-30-PQE ZDB-30-PQE FHD01_PQE_Kauf |
| publishDate | 2024 |
| publishDateSearch | 2024 |
| publishDateSort | 2024 |
| publisher | O'Reilly |
| record_format | marc |
| spelling | Allen, Brian Verfasser aut Building a cyber risk management program evolving security for the digital age Brian Allen and Brandon Bapst with Terry Allan Hicks Beijing O'Reilly [2024] 1 Online-Ressource (xiv, 204 Seiten) txt rdacontent c rdamedia cr rdacarrier Intro -- Copyright -- Table of Contents -- Preface -- Brian's Story -- Brandon's Story -- Bringing It Together -- Who Should Read This Book -- Final Thoughts -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Cybersecurity in the Age of Digital Transformation -- The Fourth Industrial Revolution -- Cybersecurity Is Fundamentally a Risk Practice -- Cyber Risk Management Oversight and Accountability -- Digital Transformation and Maturing the Cyber Risk Management Program -- Cybersecurity Isn't Just a "Security" Concern Cyber Risk Management Program: An Urgent Enterprise Concern -- This Book's Roadmap -- The Bottom Line -- Chapter 2. The Cyber Risk Management Program -- The SEC Speaks-and the World Listens -- Incident Disclosure ("Current Disclosures") -- Risk Management, Strategy, and Governance Disclosures ("Periodic Disclosures") -- The Cyber Risk Management Program Framework -- Cyber Risk Management Program: Key Drivers -- Satisfying Obligations and Liability -- When Risk Management Fails Completely: The Boeing 737 MAX Disasters -- Risk Management Program Applied to the Boeing Disasters "Essential and Mission Critical": The Boeing Case -- Benefits of a Security Risk Program -- Benefit 1: Strategic Recognition of the Security Risk Function -- Benefit 2: Ensuring the Cyber Risk Function Has an Effective Budget -- Benefit 3: Protections for Risk Decision Makers -- CRMP: Systematic but Not Zero-Risk -- Board Accountability and Legal Liability -- The Boeing Ruling and Cyber Risk Oversight Accountability -- CISOs in the Line of Fire for Liability -- The Bottom Line -- Chapter 3. Agile Governance -- The Uber Hack Cover-Up -- What Does Good Governance Look Like? Aligning with the Enterprise Governance Strategy -- Seven Principles of Agile Governance -- Principle 1: Establish Policies and Processes -- Principle 2: Establish Governance and Roles and Responsibilities Across the "Three Lines Model" -- Principle 3: Align Governance Practices with Existing Risk Frameworks -- Principle 4: Board of Directors and Senior Executives Define Scope -- Principle 5: Board of Directors and Senior Executives Provide Oversight -- Principle 6: Audit Governance Processes -- Principle 7: Align Resources to the Defined Roles and Responsibilities -- The Bottom Line Chapter 4. Risk-Informed System -- Why Risk Information Matters-at the Highest Levels -- Risk and Risk Information Defined -- Five Principles of a Risk-Informed System -- Principle 1: Define a Risk Assessment Framework and Methodology -- Principle 2: Establish a Methodology for Risk Thresholds -- Principle 3: Establish Understanding of Risk-Informed Needs -- Principle 4: Agree on a Risk Assessment Interval -- Principle 5: Enable Reporting Processes -- The Bottom Line -- Chapter 5. Risk-Based Strategy and Execution -- ChatGPT Shakes the Business World -- AI Risks: Two Tech Giants Choose Two Paths Risikomanagement (DE-588)4121590-4 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Computersicherheit (DE-588)4274324-2 s Risikomanagement (DE-588)4121590-4 s DE-604 Bapst, Brandon Verfasser aut Hicks, Terry Allan Verfasser aut Erscheint auch als Druck-Ausgabe 978-1-098-14779-2 |
| spellingShingle | Allen, Brian Bapst, Brandon Hicks, Terry Allan Building a cyber risk management program evolving security for the digital age Intro -- Copyright -- Table of Contents -- Preface -- Brian's Story -- Brandon's Story -- Bringing It Together -- Who Should Read This Book -- Final Thoughts -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Cybersecurity in the Age of Digital Transformation -- The Fourth Industrial Revolution -- Cybersecurity Is Fundamentally a Risk Practice -- Cyber Risk Management Oversight and Accountability -- Digital Transformation and Maturing the Cyber Risk Management Program -- Cybersecurity Isn't Just a "Security" Concern Cyber Risk Management Program: An Urgent Enterprise Concern -- This Book's Roadmap -- The Bottom Line -- Chapter 2. The Cyber Risk Management Program -- The SEC Speaks-and the World Listens -- Incident Disclosure ("Current Disclosures") -- Risk Management, Strategy, and Governance Disclosures ("Periodic Disclosures") -- The Cyber Risk Management Program Framework -- Cyber Risk Management Program: Key Drivers -- Satisfying Obligations and Liability -- When Risk Management Fails Completely: The Boeing 737 MAX Disasters -- Risk Management Program Applied to the Boeing Disasters "Essential and Mission Critical": The Boeing Case -- Benefits of a Security Risk Program -- Benefit 1: Strategic Recognition of the Security Risk Function -- Benefit 2: Ensuring the Cyber Risk Function Has an Effective Budget -- Benefit 3: Protections for Risk Decision Makers -- CRMP: Systematic but Not Zero-Risk -- Board Accountability and Legal Liability -- The Boeing Ruling and Cyber Risk Oversight Accountability -- CISOs in the Line of Fire for Liability -- The Bottom Line -- Chapter 3. Agile Governance -- The Uber Hack Cover-Up -- What Does Good Governance Look Like? Aligning with the Enterprise Governance Strategy -- Seven Principles of Agile Governance -- Principle 1: Establish Policies and Processes -- Principle 2: Establish Governance and Roles and Responsibilities Across the "Three Lines Model" -- Principle 3: Align Governance Practices with Existing Risk Frameworks -- Principle 4: Board of Directors and Senior Executives Define Scope -- Principle 5: Board of Directors and Senior Executives Provide Oversight -- Principle 6: Audit Governance Processes -- Principle 7: Align Resources to the Defined Roles and Responsibilities -- The Bottom Line Chapter 4. Risk-Informed System -- Why Risk Information Matters-at the Highest Levels -- Risk and Risk Information Defined -- Five Principles of a Risk-Informed System -- Principle 1: Define a Risk Assessment Framework and Methodology -- Principle 2: Establish a Methodology for Risk Thresholds -- Principle 3: Establish Understanding of Risk-Informed Needs -- Principle 4: Agree on a Risk Assessment Interval -- Principle 5: Enable Reporting Processes -- The Bottom Line -- Chapter 5. Risk-Based Strategy and Execution -- ChatGPT Shakes the Business World -- AI Risks: Two Tech Giants Choose Two Paths Risikomanagement (DE-588)4121590-4 gnd Computersicherheit (DE-588)4274324-2 gnd |
| subject_GND | (DE-588)4121590-4 (DE-588)4274324-2 |
| title | Building a cyber risk management program evolving security for the digital age |
| title_auth | Building a cyber risk management program evolving security for the digital age |
| title_exact_search | Building a cyber risk management program evolving security for the digital age |
| title_exact_search_txtP | Building a cyber risk management program evolving security for the digital age |
| title_full | Building a cyber risk management program evolving security for the digital age Brian Allen and Brandon Bapst with Terry Allan Hicks |
| title_fullStr | Building a cyber risk management program evolving security for the digital age Brian Allen and Brandon Bapst with Terry Allan Hicks |
| title_full_unstemmed | Building a cyber risk management program evolving security for the digital age Brian Allen and Brandon Bapst with Terry Allan Hicks |
| title_short | Building a cyber risk management program |
| title_sort | building a cyber risk management program evolving security for the digital age |
| title_sub | evolving security for the digital age |
| topic | Risikomanagement (DE-588)4121590-4 gnd Computersicherheit (DE-588)4274324-2 gnd |
| topic_facet | Risikomanagement Computersicherheit |
| work_keys_str_mv | AT allenbrian buildingacyberriskmanagementprogramevolvingsecurityforthedigitalage AT bapstbrandon buildingacyberriskmanagementprogramevolvingsecurityforthedigitalage AT hicksterryallan buildingacyberriskmanagementprogramevolvingsecurityforthedigitalage |