Index
CISA certification, 211–12
defined, 211
Information systems (IS) audit process, 225–28
access control, 226–27
application software development, 227
corporate security program planning/management, 226
critical areas, 225–26
misuse/abuse examples, 226
segregation of duties, 228
service continuity, 228
system software, 227–28
Information systems security audit team leader (ISSATL), 214
Infrastructure attacks, xxvii
Insider threats, 313–14
Insurance
considerations, 159–60
fraud, xxv
Internal access controls, lii–lv
ACLs, liii–liv
constrained user interfaces, liv–lv
encryption, lii–liii
passwords, lii
See also Access controls
Internal power failure, 57
Internet
fraud, xxiv–xxvii
use, 305
Intrusion detection systems (IDSs), 105
Intrusion prevention systems (IPSs), 105
Investment fraud, xxv
ISO 9002, 12
ISO/IEC Technical Report (TR), 12
ISO/International Electrotechnical Commission (IEC), 12
IT personnel, contact information, 89–90
IT suppliers, 90
IT systems
as business recovery activity, 186–87
dependencies, 87–88
dependencies, specifying, 88–89
failure, 61
fault tolerance, 136–37
high availability, 136–37
identifying, 89
recovery, 136–52
storage solutions, 137–45
vendor contact list, 86
John the Ripper, lxii–lxiii
Journaling, 141–42
Key personnel, 115–29
administration team, 121
appointment letters, 116–17
backup/recovery and, 152
business function recovery team, 121–22
business recovery team, 120
command center team, 122
damage assessment team, 122
disaster recovery team, 119–20
emergency contact information, 118
emergency management team, 122–23
emergency purchasing team, 123
equipment installation team, 123–24
executive management team, 124
facilities preparation team, 124–25
finance team, 125–26
functional organizational chart, 116
information services team, 126–27
legal team, 127
manpower recovery strategies, 118–19
physical security team, 127–28
public relations team, 128
recovery teams, 119–29
team leaders, 128–29
team members, 129
Kick-off meeting, 16–17
