Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Outsourcing Information Security", C. Warren Axelrod

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKOSINSC.RVW 20041210 Outsourcing Information Security , C. Warren Axelrod, 2004, 1-58053-531-3, U$85.00/C$119.50 %A C. Warren Axelrod %C 685 Canton
    Message 1 of 1 , Jan 20, 2005
    • 0 Attachment
      BKOSINSC.RVW 20041210

      "Outsourcing Information Security", C. Warren Axelrod, 2004,
      1-58053-531-3, U$85.00/C$119.50
      %A C. Warren Axelrod
      %C 685 Canton St., Norwood, MA 02062
      %D 2004
      %G 1-58053-531-3
      %I Artech House/Horizon
      %O U$85.00/C$119.50 800-225-9977 artech@...
      %O http://www.amazon.com/exec/obidos/ASIN/1580535313/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/1580535313/robsladesin03-20
      %O tl a rl 1 tc 1 ta 3 tv 2 wq 2
      %P 248 p.
      %T "Outsourcing Information Security"

      The author states that he intends to raise issues involved in
      outsourcing security in such as way that those working through the
      process will not neglect important areas of concern.

      Chapter one reviews reasons for outsourcing. Lists of threats and
      vulnerabilities, in general, are given in chapter two. Costs are
      examined in chapter three, as a basic discussion of justification for
      outsourcing. Chapter four looks at risks that might be associated
      with outsourcing. Various types of costs, such as intangible,
      subjective, and indirect, are contemplated in chapter five, and costs
      related to different stages of the evaluation process in chapter six.
      Chapter seven investigates a number of issues surrounding the
      development of requirements for system or project development. The
      first chapter that actually seems to talk in detail about security
      outsourcing, rather than just outsourcing itself, is chapter eight,
      which goes through the ten domains of the CISSP (Certified Information
      Systems Security Professional) CBK (Common Body of Knowledge) (and
      some subdomains), determining which of them are particularly
      appropriate for outsourcing, and which are not. Chapter nine outlines
      the outsourcing process as a sequence of steps.

      Axelrod has provided a very solid and useful framework for dealing
      with the many areas that need to be considered if outsourcing is
      sought. Very little is directly relevant to the security function
      itself, but that may simply expand the market for the book. It is
      probably futile to expect that any more guidance could have been
      provided, since the possiblities are so immense, but the summary given
      here still leaves the potential outsourcer with an enormous amount of
      work to do.

      copyright Robert M. Slade, 2004 BKOSINSC.RVW 20041210

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Murder is a crime. Describing murder is not. Sex is not a crime.
      Describing sex is. - Gershon Legman (b. 1917) American writer
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.