You might also look at Bruce Schneier's Secrets & Lies. It has a lot about risk assessment, and what security really is all about.
I own several of his other books also, though I've only read this one and Applied Cryptography so far. Warren On 7/12/05, Phillip Rhodes <[EMAIL PROTECTED]> wrote: > > Kevin Flanagan wrote: > > > > I am now a part of the Information Security team at work, we are just > > starting the process of creating a formal "Program for vulnerability > > assessments", by program we mean process, documentation, and tools. > > I recommend the book "Principles of Information Security" by Michaael E. > Whitman and Herbert J. Mattord. There is a lot of great information > in there regarding the process and management aspects of security. Not > a lot of technical information, but some good stuff on risk assessment > and security process stuff. Some of the material is a little dry, and > most hard-core techies will find it chuffing boring, but the material > is valuable, IMO. > > HTH, YMMV, etc... > > > TTYL, > > > Phil > -- > North Carolina - First In Freedom > > Free America - Vote Libertarian > www.lp.org <http://www.lp.org> > > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc > -- http://warrenmyers.com "God may not play dice with the universe, but something strange is going on with the prime numbers." --Paul Erdős
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
