Critical Infrastructure Risk Assessment (Record no. 6921)
000 -LEADER | |
---|---|
fixed length control field | 08767nam a22001697a 4500 |
INTERNATIONAL STANDARD BOOK NUMBER | |
ISBN | 9781944480714 |
DEWEY DECIMAL CLASSIFICATION NUMBER | |
Classification number | 613.62 |
Item number | H414c |
MAIN ENTRY--AUTHOR NAME | |
Author | Ernie Hayden |
TITLE | |
Title | Critical Infrastructure Risk Assessment |
Book subtitle | The Definitive Threat Identification and Threat Reduction Handbook |
EDITION NUMBER | |
Edition number | 1st Edition |
PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) | |
Place of publication | USA |
Publisher name | Rothstein Publishing |
Year of publication | 2020 |
PHYSICAL DESCRIPTION | |
Number of pages | 336 p. |
FORMATTED CONTENTS NOTE | |
Formatted contents note | CONTENTS: WHAT THEY’RE SAYING ABOUT CRITICAL INFRASTRUCTURE RISK ASSESSMENT -- DEDICATION AND ACKNOWLEDGEMENTS -- The Genesis -- Dedications -- Acknowledgements -- Foreword by Kirk Bailey -- Foreword by Peter Gregory -- CONTENTS -- Introduction -- “Oh, Crap!” -- In this chapter you will discover: -- Who Should Read This Book? -- What Risk? -- What is a Risk Assessment? -- The Risk Assessment Flow Chart -- Your Job -- REFERENCES -- PART I FOUNDATIONS -- Chapter 1 Just What is Critical Infrastructure? -- 1.1 What is Critical Infrastructure? -- 1.2 Critical Infrastructure Conceptual Development – United States -- 1.2.1 Mid-1990’s – Executive Order 13010 -- 1.2.2 1998 – Presidential Decision Directive (PDD) 63 -- 1.2.3 2001 (Post 9/11) Executive Order 13228 -- 1.2.4 2001 (Post 9/11) USA PATRIOT Act -- 1.2.5 2002 National Strategy for Homeland Security -- 1.2.6 2003 National Strategy for Physical Infrastructure Protection -- 1.2.7 2003 Homeland Security Presidential Directive (HSPD-7) -- 1.2.8 2013 Presidential Policy Directive 21 – Critical Infrastructure Security and Resilience (PPD-21) -- 1.3 International Perspectives on Critical Infrastructure -- 1.3.1 United Kingdom -- 1.3.2 Australia -- 1.3.3 New Zealand -- 1.3.4 European Union -- 1.3.5 Germany -- 1.3.6 Netherlands -- 1.3.7 Japan -- 1.4 Critical Infrastructure – A Missing Sector -- 1.5 Critical Infrastructure Interdependencies -- 1.5.1 Seattle Tacoma Airport Oil Pipeline Interdependencies -- 1.5.2 Critical Infrastructure Interdependencies with Orbiting Satellites -- 1.5.3 The Expansive Nature of Interdependencies and Critical Infrastructure -- 1.6 Conclusion -- 1.7 Questions for Further Thought and Discussion -- REFERENCES -- Chapter 2 Risk and Risk Management -- 2.1 What is Risk? -- 2.1.1 Threat -- 2.1.2 Vulnerability -- 2.1.3 Probability -- 2.1.4 Consequences or Impact -- 2.1.5 Nuances of Risk -- 2.1.6 Risk Appetite and Tolerance -- 2.1.7 Risk Velocity -- 2.2 Risk Management -- 2.2.1 Risk Management Principles -- 2.2.2 Addressing Risk -- 2.2.3 Risk Management Process -- 2.2.4 Risk Management Focus – Component or System -- 2.2.5 Risk Management Focus – Defensive and Offensive -- 2.2.6 Risk Management Focus – Checklist Approach -- 2.2.7 Risk Management – Convenience vs Liability or Risk -- 2.2.8 Risk Management – Summary Guidance -- 2.2 The Next Chapter – Risk Assessment -- 2.3 Questions for Further Thought and Discussion -- REFERENCES -- Chapter 3 Risk Assessment -- In this chapter you will: -- 3.1 Definitions of Risk Assessment -- 3.2 Assessment Foundational Principles, Scope, and Applicability -- 3.3 Application of Risk Assessments -- 3.4 Risk Assessment Techniques -- 3.4.1 Ad-hoc Risk Assessment -- 3.4.2 Deductive Risk Assessment -- 3.4.3 Inductive Risk Assessment -- 3.4.4 Targeted Risk Assessment -- 3.5 Assessment Approaches – Qualitative vs Quantitative -- 3.6 Dynamic Risk Assessment -- 3.7 Difference Between Assessment and Audit -- 3.8 Assessment Models -- 3.8.1 ISO 31000 -- 3.8.2 NIST SP 800-30, R1 – Guide for Conducting Risk Assessments -- 3.8.3 NIST SP 800-30, R0 – Risk Management Guide for Information Technology Systems -- 3.8.4 Cyber Security Assessments of Industrial Control Systems – Good Practice Guide -- 3.8.5 Hybrid Risk Assessment Flow Chart -- 3.9 Assessment Process -- 3.9.1 Pre-assessment/Planning -- 3.9.2 Conducting the Assessment -- 3.9.3 Reporting -- 3.10 Questions for Further Thought and Discussion -- REFERENCES -- PART II HANDBOOK -- Chapter 4 Pre-Assessment -- In this chapter you will discover: -- 4.1 Planning -- 4.2 Identify Team Members -- 4.3 Identify Assessment Goals -- 4.4 Collect Artifacts, Templates, Preliminary Documentation -- 4.5 Define the Assessment Plan -- 4.6 Hold the Initial Team Meeting -- 4.7 Client Kick Off Call -- 4.8 Data Requests to Client -- 4.9 Packing & Travel Planning -- 4.10 Devising the Work Plan -- 4.10.1 Example Site Risk Assessment Visit Plan -- 4.10.2 Preparing Your Steno Pad -- 4.10.3 Pre-Checking Control System Assets for Vulnerabilities -- 4.11 Excited to Start the Assessment -- REFERENCES -- Chapter 5 The Power of the Observation -- In this chapter you will discover: -- 5.1 An Introduction to the History of Observations -- 5.2 Just What is an “Observation?” -- 5.2 Observation Format -- 5.3 Critical Thinking -- 5.3.1 Asking “Why?” -- 5.3.2 Communicating Your Observations -- 5.3.3 Raising Issues -- 5.4 Unintended Influence of the Observation on Performance of Work -- 5.5 Writing the Observation -- 5.6 The Power of the Observation -- REFERENCES -- Chapter 6 On Site -- In this chapter you will discover: -- 6.1 On Site Arrival – Entrance Meeting -- 6.2 Example Site Schedule and Activities -- 6.3 Conducting Interviews -- 6.4 Photographs -- 6.5 Site Facility Inspections -- 6.5.1 Tools of the Inspection Trade -- 6.5.2 Inspection Data Collection -- 6.5.3 Tour Planning -- 6.5.4 “Working a Room” -- 6.6 Technical Reviews -- 6.7 Daily Team Meetings -- 6.8 Development of Strengths & Weaknesses -- 6.9 Site Exit Meeting -- Questions to Consider -- Chapter 7 The Final Report -- In this chapter you will discover: -- 7.1 Back in the Home Office – Compiling the Information -- 7.2 Important Terms of Art -- 7.2.1 Weakness -- 7.2.2 Strengths -- 7.2.3 Findings -- 7.2.4 Informational Observations -- 7.2.5 Good Practice -- 7.2.6 More About Findings -- 7.3 Identifying the Risk Level of Findings -- 7.3.1 Impact -- 7.3.2 Probability or Likelihood -- 7.3.3 Risk Assessment Matrix Development -- 7.4 Preparing the Draft Report -- 7.5 Report Review Process -- 7.6 The Future of the Report -- REFERENCES -- Chapter 8 Remediation -- In this chapter you will discover: -- 8.1 Rule #1 – Don’t Shelve the Report and Findings! -- 8.2 Remember Your Objective -- 8.3 Assign a Professional Project Manager -- 8.4 Review the Entire Risk Assessment Report -- 8.4.1 Recognize the Strengths! -- 8.4.2 Assign Unique Numbers to Each Finding -- 8.5 Build the Remediation Team -- 8.6 Kick Off Meeting -- 8.7 Monthly Meetings (or More Frequent) -- 8.8 Addressing the Findings -- 8.9 Costs and Budgeting -- 8.10 Postmortem/After-Action Review -- 8.11 Questions for Consideration -- REFERENCES -- CHAPTER 9 Continuing the Journey -- “Hey Boss, I know how to do a Risk Assessment!” -- Your Job -- Thank You! -- APPENDIX A EXAMPLE RISK ASSESSMENT REPORT -- ABOUT THE AUTHOR |
SUMMARY, ETC. | |
Summary, etc. | WHAT DEVASTATING THREATS DOES YOUR CRITICAL FACILITY FACE? WHAT CAN YOU DO TO ADDRESS THOSE RISKS? Critical Infrastructure Risk Assessment is your hands-on, step-by-step guide to understanding, prioritizing and mitigating risk. Ernie Hayden guides you with tools, examples, processes plus a real-world example risk assessment report. With Ernie’s guidance, your critical facility will be safer and more secure! You will learn what constitutes critical infrastructure and risk, and you will be guided in preparing, performing, and documenting a risk assessment of any complex facility. This handbook is for junior and senior personnel alike. Whether you’re a consultant, plant manager, corporate risk manager, engineer, or student, read this book before you jump into your first technical assignment! Critical Infrastructure Risk Assessment will guide you to: • Understand Risk, Risk Management, and Risk Assessment. • Navigate your Risk Assessment process from pre-visit through the final report. • Prepare for your site Risk Assessment. • Balance Risk Assessment activities including Observations and Inspections. • Weigh Critical, High, Medium, and Low Risk for your assessment findings. • Perform Interviews and Material Condition Inspections as part of the Risk Assessment Process. • Draw practical lessons from a real-world example risk assessment report. • Motivate and educate engineers on ways to perform large-facility risk assessments. • Capture your risk assessment findings and strengths in a realistic, usable risk assessment report. • Make decisions and do the right thing to conduct an effective Risk Assessment of any large, complex facility. |
TEXTUAL HOLDINGS--BASIC BIBLIOGRAPHIC UNIT | |
Holdings | 2 |
ADDED ENTRY ELEMENTS (KOHA) | |
Koha item type | Books |
Withdrawn status | Lost status | Permanent Location | Current Location | Date acquired | Source of acquisition | Full call number | Accession Number | Koha item type |
---|---|---|---|---|---|---|---|---|
| | | Biblioteca Unipaz | Biblioteca Unipaz | 2024-07-31 | Purchases | 613.62 H414c | 9781944480714 | Books |
| | | Biblioteca Unipaz | Biblioteca Unipaz | 2024-07-31 | Purchases | 613.62 H414c | 9781944480715 | Books |