Measuring and Managing Information Risk
A FAIR Approach
- Publisher's listprice EUR 51.95
-
20 291 Ft (19 325 Ft + 5% VAT)
The price is estimated because at the time of ordering we do not know what conversion rates will apply to HUF / product currency when the book arrives. In case HUF is weaker, the price increases slightly, in case HUF is stronger, the price goes lower slightly.
- Discount 10% (cc. 2 029 Ft off)
- Discounted price 18 262 Ft (17 393 Ft + 5% VAT)
Subcribe now and take benefit of a favourable price.
Subscribe
20 291 Ft
Availability
printed on demand
Why don't you give exact delivery time?
Delivery time is estimated on our previous experiences. We give estimations only, because we order from outside Hungary, and the delivery time mainly depends on how quickly the publisher supplies the book. Faster or slower deliveries both happen, but we do our best to supply as quickly as possible.
Product details:
- Edition number 2
- Publisher Elsevier Science
- Date of Publication 8 December 2025
- ISBN 9780443134845
- Binding Paperback
- No. of pages380 pages
- Size 235x191 mm
- Weight 770 g
- Language English 669
Categories
Long description:
Measuring and Managing Information Risk: A FAIR Approach, Second Edition provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity using the Factor Analysis of Information Risk (FAIR) methodology developed over ten years and adopted by corporations worldwide. This new edition covers such key areas as risk theory, risk calculation, scenario modeling, and communicating risk within the organization, and also includes new chapters and essays from industry professionals. It provides a step-by-step guide to help managers make better business decisions by understanding their organizational risk.
The field has advanced significantly in the past 10 years and this all-new edition reiterates the importance of the foundations of risk measurement but adds information about modern methods to integrate quantitative risk assessment methods into your security programs. This includes the integration of security telemetry data, outside data sources, approaches to automating FAIR assessments, and how to align methods and programs to security standards and regulations. Further discussed is how such approaches are being used by third-party agencies to provide CRQ data to the investors, underwriters, and regulators. This book is a valuable resource for all those who need the foundations, methods, and techniques for measuring, assessing, and communicating cyber risk to enable an organization to build an organizational IT risk management program. It serves as both a practical how-to guide for those new to the industry as well as tenured professionals that need a formalized guide for implementation.
Table of Contents:
1. Introduction
2. Risk Concepts
3. FAIR Risk Ontology
4. FAIR Terminology
5. Measurement
6. Analysis Process
7. Interpreting Results
8. Risk Analysis Examples
9. Common Problems
10. Controls
11. Standards and Regulatory Alignment
12. Organizational Risk Decision Making
13. Metrics
14. Implementing Risk Management
15. Building Quantitative Risk Programs
16. Assessment Automation
17. Risk Measurement Red Flags
18. Invited Contribution
