Page 12
Page 20
Visit us at
www.crcpress.com Page 15
to view more information and
Page 6
complete tables of contents for these and many other related books.
Sign up for email alerts. Page 7
Stay up to date on our latest resources. Want to maximize your buying power? Order directly from our online store and
Receive FREE Standard Shipping with every order, big or small.
MBIT510 MC_5.19.10bh
Page 7
New!
Mobile Device Security A Comprehensive Guide to Securing Your Information in a Moving World Stephen Fried Pewaukee, Wisconsin, USA
As each generation of portable electronic devices and storage media becomes smaller, higher in capacity, and easier to transport, it’s becoming increasingly difficult to protect the data on these devices while still enabling their productive use in the workplace. Explaining how mobile devices can create backdoor security threats, Mobile Device Security: A Comprehensive Guide to Securing Your Information in a Moving World specifies immediate actions you can take to defend against these threats. It begins by introducing and defining the concepts essential to understanding the security threats to contemporary mobile devices, and then takes you through all the policy, process, and technology decisions that must be made to create an effective mobile security strategy. Highlighting the risks inherent when mobilizing data, the text supplies a proven methodology for identifying, analyzing, and evaluating these risks. It examines the various methods used to store and transport mobile data and illustrates how the security of that data changes as it moves from place to place. Addressing the technical, operational, and compliance issues relevant to a comprehensive mobile security policy, the text: • Provides methods for modeling the interaction between mobile data and mobile devices—detailing the advantages and disadvantages of each • Explains how to use encryption and access controls to protect your data • Describes how to layer different technologies to create a resilient mobile data protection program • Provides examples of effective mobile security policies and discusses the implications of different policy approaches • Highlights the essential elements of a mobile security business case and provides examples of the information such proposals should contain • Reviews the most common mobile device controls and discusses the options for implementing them in your mobile environment Securing your mobile data requires the proper balance between security, user acceptance, technology capabilities, and resource commitment. Supplying real-life examples and authoritative guidance, this complete resource walks you through the process of creating an effective mobile security program and provides the understanding required to develop a customized approach to securing your information. Catalog no. K11063, June 2010, 296 pp. ISBN: 978-1-4398-2016-2, $69.95 / £44.99 For more information and complete contents, visit www.crcpress.com
3
New!
ITIL Release Management Dave Howard
The Green and Virtual Data Center
National Business Technology Manager, Toyota Financial Services, California, USA
Greg Schulz StorageIO Group, Stillwater, Minnesota, USA
When implemented correctly, release management can help ensure that quality is integrated throughout the development, implementation, and delivery of services, applications, and infrastructure. This holistic, total cost of ownership approach allows for higher levels of system availability, is more cost effective to maintain, and increases overall stability, maintainability, and reliability.
“… a concise and visionary perspective on the Green issues. … A great place to start your green journey and a useful handbook to have as the journey continues.”
A Hands-on Guide
Filled with practical insights, ITIL Release Management: A Hands-on Guide clearly illustrates the effective implementation of a release process in the real world. It examines the similarities and differences of release management and project management and clears up any confusion there might be about the two complementary processes. Shedding light on the day-to-day challenges that need to be overcome to ensure success, it details the how-to’s of effective implementation. Addressing the all-important cultural aspects, it explains how to sell the benefits of release management to all levels of your organization, how to overcome objections, and how to determine organizational readiness. This complete resource also includes a detailed model for executing a release management process, as well as numerous templates, diagrams, and role and responsibility charts to help kick start implementation efforts in your organization. It also explains how to develop effective performance metrics and supplies helpful examples of effective productivity measures. Catalog no. K10800, May 2010, 344 pp. ISBN: 978-1-4398-1558-8, $69.95 / £44.99
4
—Greg Brunton, EDS/An HP Company
“ … extremely well organized and easy to follow. Each chapter has a very good introduction and comprehensive summary. This book could easily serve as a blueprint for organizations to follow when they look for ideas on how to design new data centers. It's a great addition to an IT Bookshelf.” —Dr. Steve Guendert, Global Solutions Architect, Brocade Communications
“… reviews the latest developments in facilities, server, storage, networking, and monitoring technologies and provides a roadmap of how each can be used to create next-generation data centers that combine efficiency with scalability . . . an excellent primer for those wanting to understand how to create data centers for this new paradigm.” –Kurt Marko, in Processor, March 2009, Vol. 31, No. 11
Providing effective strategies for enabling and deploying environmentally friendly next-generation data centers, this book examines design and implementation tradeoffs using various best practices and technologies. It explains how to achieve energy efficient server and storage virtualization that is able to support a diversity of high-performance applications. Catalog no. AU6669, 2009, 396 pp. ISBN: 978-1-4200-8666-9, $79.95 / £48.99
SAVE 15% when you order online at www.crcpress.com
New Edition of a Bestseller!
Official (ISC)2® Guide to the CISSP® CBK®, Second Edition Edited by
Harold F. Tipton HFT Associates, Villa Park, California, USA
“… ideal not only for information security professionals attempting to achieve CISSP certification but also for those who are trying to decide which, if any, certification to pursue. Executives and organizational managers who want a more complete understanding of all the elements that are required in effectively protecting their enterprise will also find this guide extremely useful.” —Tony Baratta, CISSP-ISSAP, ISSMP, SSCP, Director of Professional Programs, (ISC)2
Recognized as one of the best tools available for the information security professional and especially for those studying for the (ISC)2® CISSP examination, the second edition of this bestselling resource has been updated and revised to reflect the latest developments in this ever-changing field. Endorsed by the (ISC)2, this book provides unrivaled preparation for the certification exam that is both up to date and authoritative. Compiled and reviewed by CISSPs and (ISC)2 members, the text provides an exhaustive review of the 10 current domains of the CBK, as well as the high-level topics contained in each domain. This edition includes a CD-ROM with more than 200 sample questions, sample exams, and a full test simulation that provides the same number and types of questions with the same allotment of time allowed on the actual exam. It even grades the exam, provides the correct answers, and identifies areas where more study is needed. Catalog no. K10480, January 2010, 1112 pp. ISBN: 978-1-4398-0959-4, $69.95 / £44.99
Coming Soon!
Official (ISC)2® Guide to the ISSAP® CBK® Edited by
Harold F. Tipton HFT Associates, Villa Park, California, USA
The Information Systems Security Architecture Professional (ISSAP) concentration is fundamentally the consultative and analytical process of information security. This book supplies the understanding to assure competence of the six major domains of the ISSAP concentration. With this guide, ISSAP candidates will understand the key concepts and requirements within the ISSAP CBK. It includes coverage of access control systems and methodologies, telecommunications and network security, cryptography, requirements analysis, business continuity and disaster recovery planning, and physical security integration. It also: • Follows the newly revised CISSP-ISSAP CBK • Reflects the evolving terminology and changing emphasis in the security professional’s day-to-day environment Contents: Access Control Systems and Methodologies, Sean Price Cryptography, Alex Golod and Mark Makowski Physical Security Integration, Paul Baker Requirements Analysis and Security Standards and Guidelines Criteria, Robert Batie Technology-Related Business Continuity Planning and Disaster Recovery Planning, Kelley Okolita Telecommunications and Network Security, Gilbert Held Answers to Sample Questions Catalog no. K10073, August 2010, c. 500 pp. ISBN: 978-1-4398-0093-5, $79.95 / £49.99
For more information and complete contents, visit www.crcpress.com
5
New!
Information Security Management Handbook Sixth Edition, Volume 4 Edited by
Harold F. Tipton HFT Associates, Villa Park, California, USA
Micki Krause Nozaki Pacific Life Insurance Company, Newport Beach, California, USA
Every year, in response to advancements in technology and new laws in different countries and regions, there are many changes and updates to the body of knowledge required of IT security professionals. Updated annually to keep up with the increasingly fast pace of change in the field, the Information Security Management Handbook is the single most comprehensive and up-to-date resource on information security and assurance. Providing an up-to-date compilation of the fundamental skills, techniques, tools, and understanding required of IT security professionals, the Information Security Management Handbook, Sixth Edition, Volume 4 reflects the latest changes to information security and the CISSP® Common Body of Knowledge (CBK®). This edition updates the benchmark Volume 1(also available on crcpress.com) with a wealth of new information on mobile device security, adaptive threat defense, Web 2.0, virtualization, data leakage, and governance. New material also addresses risk management, business continuity planning, disaster recovery planning, and cryptography. As the risks that threaten the security of our systems continue to evolve, it is imperative that those charged with protecting that information stay ahead of the curve. This comprehensive resource provides the up-to-date understanding required to keep you abreast of the latest developments, new vulnerabilities, and possible threats. Catalog no. K11003, June 2010, 529 pp. ISBN: 978-1-4398-1902-9, $99.95 / £63.99
Information Security Management Handbook 2010 CD-ROM Edition Containing the complete contents of Volumes 1, 2, 3, and this year’s Volume 4, the Information Security Management Handbook, 2010 CD-ROM Edition is an authoritative resource that is linked, searchable by keyword, and organized under the CBK® domains. In addition to the complete contents of the 6,000 page set, the CD-ROM includes an extra volume's worth of information—including chapters from other security and networking books that have never appeared in the print editions. Catalog no. K10967, June 2010, CD-ROM ISBN: 978-1-4398-1841-1, $199.95 / £127.00
6
SAVE 15% when you order online at www.crcpress.com
New!
Healthcare Informatics
New!
Edited by
GIS in Hospital and Healthcare Emergency Management
Stephan P. Kudyba
Ric Skinner, GISP
New Jersey Institute of Technology, Newark, USA
The Stonybrook Group, LLC, Sturbridge, Massachusetts, USA
Improving Efficiency and Productivity
“We owe it to ourselves and future generations to do all we can to make our healthcare systems work smarter, be more effective, and reach more people. The power to know is at our fingertips; we need only embrace it.” —From the Foreword, James H. Goodnight, PhD, CEO, SAS
Examining the complexities involved in managing resources in our healthcare system, this book explains how management theory and informatics applications can increase efficiencies in various functional areas of healthcare services. Delving into data, project management, and advanced analytics, it details and provides supporting evidence for the strategic concepts that are critical to achieving successful healthcare information technology, information management, and electronic health record applications. Bridging the gap from theory to practice, the book discusses actual informatics applications that have been incorporated by various healthcare organizations and the corresponding management strategies that led to their successful employment. Offering a wealth of detail, it details several working projects, including a computer physician order entry system, an E-commerce self-service patient check-in, an informatics project that turned a healthcare system’s paper-based resources into digital assets, and a healthcare system’s use of algorithms to identify patients at risk for hepatitis. Catalog no. K10489, April 2010, 279 pp. ISBN: 978-1-4398-0978-5, $79.95 / £49.99
“Ric Skinner has pulled together leaders and scientists from an incredible cross-section of those who are truly involved in the preparations for, and responses to, emergencies. These authors—leaders in their fields—have managed to explain a comprehensive range and depth of information that will prove to be critical to an organization that wants to ensure success in their planning and response.” —R. Tom Sizemore III, MD, Principal Deputy Director, Office of Preparedness & Emergency Operations, U. S. Department of Health & Human Services
“... authoritative and comprehensive, covering all areas of emergency management involving GIS and related technologies, in a readable and accessible manner.” —Omar A. Khan, MD MHS FAAFP, University of Vermont College of Medicine & American Public Health Association (APHA)
“This book should be required reading for every emergency manager. The writing style is engaging and the subject matter draws you in … . If you start reading this book with a neophyte’s view of GIS, you will walk away with an intense collection of real-world knowledge.” —Hal Newman, Managing Partner, TEMS
“... an excellent guide to the future of healthcare emergency management.” —James M. Rush, Chief Operating Officer, JVR Health Readiness Inc.
Catalog no. K11128, April 2010, 279 pp. ISBN: 978-1-4398-2129-9, $99.95 / £63.99
For more information and complete contents, visit www.crcpress.com
7
New!
Project Management Tools and Techniques for Success
New!
Essential Project Management Skills
Christine B. Tayntor
Kerry Wills
Independent Consultant, Wyoming, USA
Southington, Connecticut, USA
This book provides an accessible introduction to project management fundamentals. Highlighting approaches for avoiding common pitfalls, it begins with an introduction to project management that compares and contrasts the stages of poor management with those of effective management. Because change is inherent in virtually all projects, the text outlines the human effects of change and suggests ways to mitigate these effects. It addresses team dynamics, sourcing alternatives, motivating the team, managing expectations, assessing risk, and defining and prioritizing project requirements. The book translates difficult concepts into practical applications with an entertaining and informative case study that examines the merger of two companies and the subsequent development of a new corporate headquarters. By adding a layer of statistical methods and tools to the front-end of a project, Design for Six Sigma (DFSS) augments standard Six Sigma processes to help ensure project results meet customers' needs and that delays caused by new requirements or rework after implementation are eliminated or reduced. This book explains how to effectively incorporate DFSS tools to reduce the possibility of failure in your next project. Catalog no. K10838, May 2010, 290 pp. ISBN: 978-1-4398-1630-1, $69.95 / £44.99
8
Reflecting the changing landscape of today’s projects, Essential Project Management Skills empowers project managers to master the skills necessary to succeed in the current environment. Enhanced with tables and diagrams, the book begins by introducing the concepts related to the changing project landscape and their impact on projects. It then delves into the details of several trends within the project landscape, describes the challenges created by these trends for project managers, and provides illuminating case studies that elucidate each trend and its impact. Next, the book outlines the skills required to be successful in this new environment and offers techniques that can be applied to fully master them. Each of these skills is aligned with a case study in which the skills and techniques are used and the outcomes discussed. Finally, the book ties together the evolution of the project landscape, the challenges posed, and the new skills required to manage projects successfully in today’s environment. It also includes a checklist of the skills and techniques in the context of different project scenarios. Catalog no. K11341, May 2010, 220 pp. ISBN: 978-1-4398-2716-1, $69.95 / £44.99 Order directly from our online store and
Receive FREE Standard Shipping with every order, big or small.
SAVE 15% when you order online at www.crcpress.com
New!
Project Management Theory and Practice
New!
Gary L. Richardson
The Project Manager's Communication Toolkit
University of Houston, Texas, USA
Shankar Jha
Although there are numerous project management resources available, most are either too academic, focus too heavily on IT, or provide silver-bullet, quick-fix advice without the theory required to understand why the solutions work. Following and expanding on PMI’s Project Management Body of Knowledge (PMBOK®), this text provides a complete and accessible overview of project management theory.
" … a valuable resource for program and project managers at all levels and all industries. Shankar very successfully managed very large and complex projects for my organization utilizing many of these tools and techniques."
This classroom-tested resource translates the abstract model vocabulary and processes from A Guide to the Project Management Body of Knowledge (PMBOK® Guide), Fourth Edition into accessible discussions complete with contemporary views and projections for the future. It integrates the organizational environment that surrounds a project to supply readers with the well-rounded knowledge of theories, organizational issues, and human behavior needed to effectively manage real-world projects. The author details numerous project-related frameworks, including enterprise project management, project portfolio management, work breakdown structures, earned value management, professional responsibility, and project team productivity. Filled with numerous end-ofchapter questions, scheduling and budgeting problems, scoping projects, and sample worksheets that illustrate various analytical tools and management decisions, this is the ideal resource for anyone seeking project management certification. Catalog no. K10496, January 2010, 578 pp. ISBN: 978-1-4398-0993-8, $89.95 / £57.99
—Nancy Couture, V. P. Enterprise Intelligence, Ingenix
Addressing the difficulties involved in day-to-day project management communication, The Project Manager’s Communication Toolkit provides proven methods for creating effective communications—including text-based plans, reports, messages, and presentations. Using language that is easy to understand, it examines the many tools available and defines their proper use and application. The author explains how to determine the most effective communication tools for specific needs. Numerous real-world examples illustrate how to gain control over project parameters, how to overcome conflict, and how to create effective project plans, charters, and statements of work. Complete with case studies, this book supplies the knowledge required to harness the power of everyday communication tools for project success. Arming readers with the practical understanding to select the right tools, this valuable resource also supplies the insight needed to use those tools effectively in a wide range of real-world situations. Catalog no. K10497, March 2010, 200 pp. ISBN: 978-1-4398-0995-2, $59.95 / £38.99
For more information and complete contents, visit www.crcpress.com
9
Bestseller!
The Complete Project Management Office Handbook Second Edition
A Standard for Enterprise Project Management
Gerard M. Hill
Michael S. Zambruski
Principal, Hill Consulting Group, Woodbridge, Virginia, USA
TBA&P, LLC, Cheshire, Connecticut, USA
The second edition of this bestselling reference extends the concepts and considerations of modern project management into the realm of project management oversight, control, and support. Recognizing the need for a centralized organizational entity—the project management office (PMO)—to perform in this capacity, this book considers five stages of PMO along a competency continuum, establishing the depth of its functional responsibility.
Providing structured yet adaptable models of project success within an organization, A Standard for Enterprise Project Management explains each of the basic elements needed for project success and integrates them into a balanced life-cycle continuum. It also supplies practical policies, procedures, techniques, and templates for consistent management of projects.
Addressing a wide range of topics, the book considers methodology development, resource management, vendor management, and project portfolio management. It also: • Includes twenty functional models that can be used to guide the deliberation and development of PMO operational capability • Illustrates how modern project management processes can be aligned with the organization’s business interests • Describes the depth of PMO responsibility needed to meet the unique oversight, control, and support requirements of every organization • Supplies authoritative guidance on establishing and managing a small PMO CONTENTS: Practice Management. Infrastructure Management. Resource Integration. Technical Support. Business Alignment. Catalog no. AU4680, 2008, 752 pp. ISBN: 978-1-4200-4680-9, $89.95 / £57.99
The book first discusses project authorization and initiation, followed by analysis and planning. It then covers execution, control, and closure. Each phase contains an explanation and an illustration of how to optimize success. Throughout the text, the author refers to numerous appendices that constitute blank and completed templates. He provides details on how to use these tools, with an emphasis on balancing the benefits of standardization and the need for flexibility. The accompanying CD-ROM encompasses a color version of the book with four bonus features: • Quick start with Project 2003 that offers a one-page tutorial and three pages of screen prints • Complex project readiness grid that suggests how to manage intricate interrelationships in a project or program environment • Project management competency development grid that outlines a program for developing key skills among project managers within an organization • Traceability matrix that illustrates how various levels of requirements and final solutions are interrelated Catalog no. AU7245, 2009, 128 pp., Soft Cover ISBN: 978-1-4200-7245-7, $83.95 / £52.99
10
SAVE 15% when you order online at www.crcpress.com
New!
New!
The Complete Project Management Methodology and Toolkit
PMP® Exam
Gerard M. Hill
ESI International, Arlington, Virginia, USA ESI International, Arlington, Virginia, USA
Principal, Hill Consulting Group, Woodbridge, Virginia, USA
Written by one of the nation’s most highly regarded project management mentors, this book delineates a "business-relevant" methodology that can be introduced across different industries and business environments. It describes the ProjectPRISM™ Project Management Methodology, an innovative, matrix-based approach to conducting project management that introduces relevant concepts, practices, and tools in an effective project management solution. Aligned with common business practices, Gerard Hill’s method demonstrates how to develop project plans, keep on schedule, manage budgets, maintain areas of responsibility, and evaluate a project’s progress from concept to completion. The text offers insight for customizing the methodology to meet the unique needs of individual organizations. It also: • Includes a companion CD-ROM with a complete methodology package: Process Guide, Practice Guide, and a ready-to–use 96-tool Process Toolkit • Aligns project management with common business practices that already exist in many business organizations • Offers detailed process and practice guidance for completing the essential activities of project management Catalog no. K10095, January 2010, 420 pp. ISBN: 978-1-4398-0154-3, $89.95 / £54.99
Practice Test and Study Guide, Eighth Edition Edited by
J. LeRoy Ward
Well-trained project management professionals are highly sought after in today's competitive global business environment—making the Project Management Professional® (PMP) certification one of the most sought after certifications. Offered by the Project Management Institute, the PMP® Exam is quite intensive and commands advanced knowledge of and experience with project management concepts. Rigorous and authoritative, the PMP Exam: Practice Test and Study Guide, Eighth Edition is an essential resource that can help increase your chances of passing the PMP certification exam the first time. This new spiral-bound edition: • Includes 40 multiple-choice practice questions in each of nine knowledge areas and in the professional and social responsibilities domain • Presents a composite 200-question practice test that simulates the actual exam • Contains fully referenced answers keyed to the five project management process groups • Supplies a complete bibliography and a study matrix to help readers key in on specific areas where further study is needed Catalog no. N10241, January 2010, Soft Cover ISBN: 978-1-890367-52-7, $59.95 / £38.99 Order directly from our online store and
Receive FREE Standard Shipping with every order, big or small.
For more information and complete contents, visit www.crcpress.com
11
New!
New!
Cloud Computing
Cloud Computing
Implementation, Management, and Security
Technologies and Strategies of the Ubiquitous Data Center
John W. Rittinghouse Hypersecurity LLC, Houston, Texas, USA
Brian J.S. Chee
James F. Ransome
Curtis Franklin Jr.
University of Hawaii, Honolulu, USA
Cisco Systems, Santa Clara, California, USA
Providing a clear understanding of what cloud computing really means, this book supplies the knowledge needed to make educated decisions regarding cloud initiatives. It examines the advantages and disadvantages and explores how it could become disruptive in the future. The authors first discuss the evolution of computing, focusing primarily on advances that led to the development of cloud computing. Next, they survey the critical components necessary to make the cloud computing paradigm feasible. They present various standards based on the use and implementation issues surrounding cloud computing and describe the infrastructure management that is maintained by cloud computing service providers. The book concludes by examining the successes of several cloud computing vendors and how their achievements have helped to shape cloud computing. Arming readers with guidance essential to making smart, strategic decisions on cloud initiatives, this book: • Describes different types of cloud services • Illustrates how to build a cloud network • Presents common standards for application development, messaging, and security • Covers the legal and philosophical issues that must be addressed to ensure protection of user data and mitigate corporate liability Catalog no. K10347, January 2010, 340 pp. ISBN: 978-1-4398-0680-7, $79.95 / £49.99
12
Gainesville, Florida, USA
Examining cloud computing from an IT manager’s perspective, this book answers basic and strategic questions about cloud computing. The first section covers the computing roots that have evolved into cloud computing. It looks at how IT has traditionally serviced needs and how cloud computing improves and expands on these services. Next, it shows how to begin the process of determining which organizational needs would best be served and improved by cloud computing. The text supplies specific cases as examples to walk you through issues that your organization might likely encounter. It also: • Introduces the concepts behind different types of clouds, including those used for storage, those that improve processor and application delivery, and those that mix any and all of these services • Covers typical concerns you will hear regarding such issues as security, application integration, and structural limitations • Looks at the future of cloud, from developments right on the horizon to those still in the planning stage By the book’s conclusion, you will have a solid basis on which to initiate strategic discussions about deploying cloud computing in your organization. You will understand how it can affordably solve real problems, you will know which strategies to use, and will become aware of the pitfalls to avoid. Catalog no. K10303, April 2010, 288 pp. ISBN: 978-1-4398-0612-8, $69.95 / £44.99
SAVE 15% when you order online at www.crcpress.com
VMware ESX Essentials in the Virtual Data Center
Enterprise Architecture A to Z
Florida Hospital, Altamonte, USA
Frameworks, Business Process Modeling, SOA, and Infrastructure Technology
Jason W. McCarty
Daniel Minoli
Equifax, Baton Rouge, Louisiana, USA
SES Americom, Princeton, New Jersey, USA
Flexible and efficient, VMware ESX is the tool of choice for enterprise data centers looking to make the most of the latest virtualization methods. Written by pioneers and established experts in the field of virtualization with years of handson experience, this book details the product and outlines innovative ways to use virtualization within the organization. With novel solutions for every level of the IT chain, this text is a complete guide to the design, operation, and management of the ESX product.
Examining cost-saving trends in architecture planning, administration, and management, this book begins by evaluating the role of Enterprise Architecture Planning and ServiceOriented Architecture modeling. It provides an extensive review of the most widely deployed architecture framework models, and includes discussions on The Open Group Architecture Framework and the Zachman Architectural Framework, formal architecture standards, as well as all four layers of the business information, solution, and technology architecture models.
Featuring technical information, best practices, and technology breakdowns needed to answer real business challenges, this succinct volume: • Shows how to install ESX, either manually or using an automated method, detailing the various key performance optimizations that can make installation more efficient • Describes ways to further automate and enhance the ESX environment and make it more extensible with APIs, SDKs, programming extensions, and VirtualCenter plug-ins • Explains the latest ESX features • Details the architecture and background of ESX through the use of diagrams
The first part of the text focuses on the upper layers of the architecture framework, while the second part focuses on the technology architecture. In this second section, the author presents an assessment of storage technologies and networking and addresses regulatory and security issues. Additional coverage includes high-speed communication mechanisms such as Ethernet, WAN and Internet communication technologies, broadband communications, and chargeback models.
David Marshall Hyper9, Austin, Texas, USA
Stephen S. Beaver
This text covers VMware VI3, the most widely distributed server virtualization product on the market, from 3.0 to 3.5, and the most recently announced embedded version of ESXi. It will enable IT organizations to save hardware costs and make server deployments, provisioning, and management more efficient. Catalog no. AU7027, 2009, 256 pp. ISBN: 978-1-4200-7027-9, $62.95 / £40.99
CONTENTS: Enterprise Architecture and Technology: Trends, Goals, Roles, and Mechanisms. The Open Group Architectural Framework. The Zachman Architectural Framework. Official Standards. Tools. Business Process Modeling. Architecture Fulfillment via Service-Oriented Architecture Modeling. Evolving SAN, GbE/10GbE, and Metro Ethernet Technologies. Evolving MAN/WAN Technologies. Networking in SOA Environments. Server/Storage Virtualization and Grid Computing for Commercial Enterprise Environments. Catalog no. AU8517, 2008, 504 pp. ISBN: 978-0-8493-8517-9, $79.95 / £52.99
For more information and complete contents, visit www.crcpress.com
13
New!
New!
Thin Air
Fundamentals of EMS, NMS and OSS/BSS
How Wireless Technology Supports Lean Initiatives
Jithesh Sathyan
Dann Anthony Maurno
Infosys Technologies Limited, Bangalore, India
Salem, Massachusetts, USA
Louis Sirico San Jose, California, USA
“A must read for executives looking to optimize performance while automating traceability in outsourced supplier networks.” —Raj Saksena, President and CEO, Omnitrol Networks Inc.
“Thin Air clearly explains how wireless solutions can offer sophisticated asset management applications, impact patient flow, and increase staff efficiency thereby playing a major role in helping healthcare administrators improve efficiency, streamline operations, and ultimately help caregivers in their primary mission of providing quality patient care. —Jason Howe, CEO, Awarepoint
This book proposes practices and paradigms for virtually seamlessly integration of Lean’s culture of continuous process improvement with wireless technology. It discusses the application of a wide range of wireless technologies, including Wi-Fi, RFID, wireless sensor networks, real-time location systems, and global positioning systems. It addresses the modernization of infrastructure, elimination of costly hardware and redundant equipment, the facilitation of e-Kanban, and the provision of real-time visibility into any operation. This compete resource includes access to a Lean Wireless ROI Calculator you can use to calculate estimated savings in labor and excess capacity at your company. CONTENTS: The Confusion of the Tongues. Lean Wireless is Already Here. Why Now? Lean Wireless and the Costs of Doing Business. The Lean Wireless Missions. The Democratic Frontiers of Lean Wireless. Afterword: Lean Wireless 2015. Appendices: Lean Glossary. Wireless Glossary. Standards Used in Wireless Enterprises. Lean Wireless ROI.
Supplying an end-to-end understanding of telecom management layers, Fundamentals of EMS, NMS and OSS/BSS is a complete guide to telecom resource and service management basics. Divided into four sections: Element Management System, Network Management System, Operation/Business Support Systems, and Implementation Guidelines, the book examines standards, best practices, and the industries developing these systems. Each section starts with basics, details how the system fits into the telecom management framework, and concludes by introducing more complex concepts. From the initial efforts in managing elements to the latest management standards, the text: • Covers the basics of network management, including legacy systems, management protocols, standards, and popular products • Deals with OSS/BSS—covering processes, applications, and interfaces in the service/business management layers • Supplies implementation guidelines for developing customized management solutions The book includes chapters devoted to popular market products and supplies case studies that illustrate real-life implementations as well as the interaction between management layers. Complete with implementation guidelines, detailed references, and lists of web resources to keep you current, this valuable resource supplies you with the fundamental understanding and the tools required to begin developing telecom management solutions tailored to your customer’s needs. Catalog no. AU8573, June 2010, 576 pp. ISBN: 978-1-4200-8573-0, $89.95 / £54.99
Catalog no. K10242, April 2010, 251 pp. ISBN: 978-1-4398-0439-1, $59.95 / £38.99
14
SAVE 15% when you order online at www.crcpress.com
New!
New!
Information Security Management
Information Security Risk Analysis
Concepts and Practice
Third Edition
Bel G. Raggad
Thomas R. Peltier
Pace University, Pleasantville, New York, USA
Thomas R. Peltier Associates, Wyandotte, Michigan, USA
Although the international community has been aggressively engaged in developing security standards for network and information security worldwide, there are few textbooks available that provide clear guidance on how to properly apply the new standards in conducting security audits and creating risk-driven information security programs.
Successful security professionals have had to modify the process of responding to new threats in today’s high-profile, ultra-connected business environment. But just because a threat exists doesn’t mean your organization is at risk. Information Security Risk Analysis, Third Edition demonstrates how to identify threats your company faces and determine if those threats pose a real risk to your organization.
An authoritative and practical classroom resource, this book provides a general overview of security auditing before examining the various elements of the information security life cycle. It explains the ISO 17799 standard and walks readers through the steps of conducting a nominal security audit that conforms to the standard. The text also provides detailed guidance for conducting an in-depth technical security audit leading to certification against the 27001 standard. Topics addressed include cyber security, security risk assessments, privacy rights, HIPAA, SOX, intrusion detection systems, security testing activities, cyber terrorism, and vulnerability assessments. This text is filled with review questions, workshops, and real-world examples that illustrate effective implementation and security auditing methodologies. It also includes a detailed methodology readers can use to devise and implement effective risk-driven security programs that touch all phases of a computing environment, including the sequential stages needed to maintain IS management systems that conform to the latest ISO standards. Catalog no. AU7854, January 2010, 871 pp. ISBN: 978-1-4200-7854-1, $79.95 / £49.99
Authored by a renowned security expert and certification instructor, this authoritative reference provides you with the knowledge and the skill-sets needed to achieve a highly effective risk analysis assessment in less than one week. Supplemented with online access to sample forms, controls, policies, letters, and spreadsheets, this one-stop, how-to resource: • Reviews risk analysis, risk assessment, and vulnerability assessments • Introduces System Development Life Cycle and Business Process Life Cycle , and integrates risk analysis and assessment into these processes • Discusses the need to develop a standard set of controls, and details how to apply regulations such as GLBA, HIPPA, SOX, and ISO 17799 • Explains how to use qualitative risk assessment concepts and FRAAP to conduct business impact analyses and determine information classification requirements Catalog no. K11810, March 2010, 456 pp. ISBN: 978-1-4398-3956-0, $79.95 / £49.99
For more information and complete contents, visit www.crcpress.com
15
Bestseller!
Bestseller!
The Security Risk Assessment Handbook
Complete Guide to Security and Privacy Metrics
A Complete Guide for Performing Security Risk Assessments
Measuring Regulatory Compliance, Operational Resilience, and ROI
Douglas J. Landoll
Debra S. Herrmann
En Pointe Technologies, Austin, Texas, USA
This comprehensive manual provides detailed insight into precisely how to conduct an information security risk assessment from a practical point of view. Designed for security professionals who want a more in-depth understanding of the risk assessment process, this volume contains real-world advice that promotes professional development and experience. It also enables security consumers to better negotiate the scope and rigor of a security assessment, effectively interface with a security assessment team, deliver insightful comments on a draft report, and have a greater understanding of final report recommendations. The book offers charts, checklists, examples, and templates that speed up data gathering, analysis, and document development. It also: • Explains how to conduct an effective information security risk assessment • Contains real examples, step-by-step descriptions, checklists, decision techniques, and other helpful tricks of the trade • Explores administrative, technical, and physical data gathering, including the RIIOT Method • Covers security risk analysis and mitigation and security risk assessment reporting • Describes the steps of project management assessment, including planning, tracking, correcting, reporting, and wrap-up • Examines various risk assessment tools and methods, and compares quantitative vs. qualitative analysis
U.S. Nuclear Regulatory Commission, Washington, D.C., USA
“Provides valuable directions on how measurement works and what goes into producing a useful metric. … when faced with the necessity of developing a metrics program to measure the effectiveness of some aspect of your security efforts, this rather imposing tome is one I would recommend as a way to jumpstart your efforts. The master table in the introduction provides a quick guide to the particular section most relevant to the reader’s need …” — Richard Austin, in IEEE Cipher
“… a useful reference for individuals who must meet the challenge of selecting good metrics.” —Cheryl Washington, Information Security Officer, California State University, in Educause Quarterly
This book defines more than 900 metrics that measure compliance with legislation, resiliency of security controls, and return on investment. It clearly explains what needs to be measured, how to measure it, and how to tie security and privacy metrics to business goals and objectives. The metrics provided are scaled by information sensitivity, asset criticality, and risk; aligned to correspond with different lateral and hierarchical functions; designed with flexible measurement boundaries; and can be implemented individually or in combination. The text includes a wealth of examples and sample reports. Catalog no. AU5402, 2007, 848 pp. ISBN: 978-0-8493-5402-1, $129.95 / £83.99
Catalog no. AU2998, 2006, 504 pp. ISBN: 978-0-8493-2998-2, $87.95 / £56.69
16
SAVE 15% when you order online at www.crcpress.com
Bestseller!
Cyber Fraud
Information Technology Control and Audit
Tactics, Techniques, and Procedures
Third Edition Sandra Senft and Frederick Gallegos California State Polytechnic University, Pomona, USA
Praise for the Previous Edition: “…very useful for beginners as well as practitioners …well written and presented. ... should provide resiliency to IT security in the emerging cyberworld.” — Information Systems Control Journal
Now in its third edition, this updated and revised edition of a bestseller is an excellent introductory reference to IT governance, controls, and auditing. It reviews pertinent legislation; discusses the future of auditing in the 21st century; and examines governance, strategy and standards, and acquisition and implementation. In a section on delivery and support, it explores service management, service continuity, systems management, and operations management. Finally, the authors review advanced topics such as virtual environment, virtual security, e-commerce, and enterprise resource planning. This new edition includes guidelines for preparing for the CISA Exam, and includes numerous illustrations.. New in the Third Edition: • Reorganized and expanded to align with CobiT objectives • Supports study for both the CISA and CGEIT exams • Includes chapters on IT financial and sourcing management • Adds a section on Delivery and Support control objectives • Includes additional content on audit and control of outsourcing, change management, risk management, and compliance
Rick Howard Verisign iDefense Security Intelligence Services, Dulles, Virginia, USA
This book documents changes in the culture of cyber criminals and explores the innovations that have resulted from those changes. Copiously illustrated, it explores the threats present in the cyber fraud underground. It discusses phishing and pharming, trojans and toolkits, direct threats, pump-anddump scams, and other fraud-related activities of the booming cyber-underground economy. By examining the geopolitical and socio-economic foundations of a cyber threat landscape, the book examines telecommunications infrastructure development, patterns and trends of internet adoption and use, profiles of specific malicious actors, threat types, and trends in these areas. This eye-opening work includes a variety of case studies―including the cyber threat landscape in Russia and Brazil. An indepth discussion is provided on the Russian Business Network’s role in global cyber crime as well as evidence on how these criminals steal, package, buy, sell, and profit from consumers’ personal financial information. The text also: • Examines economic vulnerability models and analyzes how they can affect vendors, end users, and vulnerability researchers • Outlines a conceptual model of the structures, functions, and roles of actors and organizations within the cyber crime underground • Addresses the maturity of malcode communication and the preventative measures organizations can take • Outlines countermeasure expenditures that should be considered by organizations Catalog no. AU9127, 2009, 520 pp. ISBN: 978-1-4200-9127-4, $79.95 / £48.99
Catalog no. AU6550, 2009, 774 pp. ISBN: 978-1-4200-6550-3, $89.95 / £59.99 For more information and complete contents, visit www.crcpress.com
17
New!
New!
Process-Centric Architecture for Enterprise Software Systems
Product Release Planning Methods, Tools and Applications Gunther Ruhe University of Calgary, Alberta, Canada
Parameswaran Seshan Infosys, Bangelore, India
The increasing adoption of Business Process Management (BPM) has inspired pioneering software architects and developers to effectively leverage BPM-based software and process-centric architecture (PCA) to create software systems that enable essential business processes. Reflecting this emerging trend, this book provides a complete and accessible introduction explaining this architecture. The text details the analysis and design principles used in process-centric architecture and demonstrates how to architect and design enterprise systems based on business processes central to your organization. It covers the architectural aspects of business process management, the evolution of IT systems in enterprises, the importance of a business process focus, the role of workflows, business rules, enterprise application integration, and business process modeling languages such as WS-BPEL and BPML. It also investigates: • Fundamental concepts of process-centric architecture style • The PCA approach to architecting enterprise IT systems • Business process driven applications and integration • Two case studies that illustrate how to architect and design enterprise applications based on PCA • SOA in the context of process-centric architecture • Standards, technologies, and infrastructure behind PCA Explaining how to architect enterprise systems using a BPMS technology platform, J2EE components, and Web services, this forward-looking book will empower you to create systems centered on business processes and make today’s enterprise processes successful and agile.
Authored by renowned expert Günther Ruhe, this book presents methods and tools for applying sound planning to product development and product management. It covers the different aspects of supporting product release decisions, including foundations, methods, tools, and applications. It provides a guided tour through the methodology and use of release planning, from technology and market needs to product planning and development projects. The book studies three fundamental classes of problems: prioritization of features, product release planning on a strategic level (roadmapping), and release planning on an operational level (staffing). It presents and discusses tool support for all the methods covered. Complete with case studies and application scenarios that illustrate the proposed methods, the text supplies trial accounts for the two most important decision tools for prioritization and product release planning. It also: • Defines release planning, highlights its importance, and dispels misconceptions about it • Presents in-depth modeling options related to business, resource, risk, and technological constraints • Provides a highly flexible, customizable method for conducting systematic release planning • Explains how to start the process of product release planning • Covers release planning software such as VeryBestChoiceLight, ReleasePlanner™, and RASORP and includes public logins to two web-based tools Catalog no. 2620, June 2010, 339 pp. ISBN: 978-0-8493-2620-2, $89.95 / £57.99
Catalog no. K10837, June 2010, 320 pp. ISBN: 978-1-4398-1628-8, $89.95 / £57.99
18
SAVE 15% when you order online at www.crcpress.com
New!
New!
Basics of Process Mapping
Process Improvement and CMMI® for Systems and Software
Second Edition Robert Damelio The bestselling first edition of this influential resource has been incorporated into the curriculum at forward thinking colleges and universities, a leading vocational technical institute, many in-house corporate continuous improvement approaches, including Six Sigma, and the United Nations’ headquarters in New York. Providing a complete and accessible introduction to process maps, The Basics of Process Mapping, Second Edition raises the bar on what constitutes the basics. Thoroughly revised and updated, it explains how relationship maps, cross-functional process maps (swimlane diagrams), and flowcharts can be used as a set to provide different views of work.
Ron Kenett KPA, Ltd., Raanana, Israel
Emanuel Baker Process Strategies, Inc., Los Angeles, California, USA
Unveiling the state of the art in strategic planning and process improvement, this practical resource provides a workable approach for achieving cost-effective process improvements for systems and software. Focusing on planning, implementation, and management in system and software processes, it supplies a brief overview of basic strategic planning models— covering fundamental concepts and approaches for system and software measurement, testing, and improvements.
New in the Second Edition: • Four new chapters and 75 new graphics • An introduction to the concepts of flow and waste and how both appear in knowledge work or business processes • A set of measures for flow and waste • A discussion of problematic features of knowledge work and business processes that act as barriers to flow • Seven principles and 29 guidelines for improving the flow of knowledge work • A detailed case study that shows how one organization applied the principles and guidelines in order to reduce lead time from an average of 28 days to 4 days
The authors, among the first to introduce quality management to the software development processes, introduce CMMI® and various other software and systems process models. They supply an easy-to-follow methodology for evaluating the status of development and maintenance processes and for determining the return on investment for process improvements.
Unlike "tool books" or "pocket guides" that focus on discrete tools in isolation, this text uses a single comprehensive service work example that integrates all three maps, and illustrates the insights they provide when applied as a set. It contains how-to procedures for creating each type of map, and includes clear-cut guidance for determining when each type of map is most appropriate. The well-rounded understanding provided in these pages will allow readers to make work visible at the organization, process, and job/performer levels.
• Assessment and measurement in systems and software
Catalog no. PP7376, June 2010, 156 pp., Soft Cover ISBN: 978-1-56327-376-6, $15.00 / £9.99
The text examines beta testing and various testing and usability programs. It highlights examples of useful metrics for monitoring process improvement projects and explains how to establish baselines against which to measure achieved improvements. It also covers: • Strategy and basics of quality and process improvement
• Improvements and testing of systems and software • Managing and reporting data The book concludes with a realistic case study that illustrates how the process improvement effort is structured and brings together the methods, tools, and techniques discussed. Catalog no. AU6050, March 2010, 435 pp. ISBN: 978-1-4200-6050-8, $69.95 / £44.99
For more information and complete contents, visit www.crcpress.com
19
Architecting Software Intensive Systems
Third Edition of a Bestseller!
Software Testing and Continuous Quality Improvement
A Practitioner’s Guide Anthony J. Lattanze Carnegie Mellon University, Pittsburgh, Pennsylvania, USA
Third Edition William E. Lewis President and CEO, Smartware Technologies Inc., Plano, Texas, USA
To aid you in creating meaningful test cases for systems with evolving requirements, the third edition of this bestselling reference provides a continuous quality framework for the software testing process within traditionally structured and unstructured environments. Completely revised, it provides a comprehensive look at software testing as part of the project management process—emphasizing testing and quality goals early on in development. Building on the success of previous editions, the text explains testing in a Service Orientated Architecture environment, the building blocks of a Testing Center of Excellence, and how to test in an agile development environment. Fully updated, the sections on test effort estimation provide greater emphasis on testing metrics. The book examines all aspects of functional testing and looks at the relation between changing business strategies and changes to applications in development. It also includes new chapters on process, application, and organizational metrics. All IT organizations face software testing issues, but most are unprepared to manage them. This enhanced edition includes a listing of free software tools as well as a question-and-answer checklist for choosing the best tools for your organization. Catalog no. AU0733, 2009, 688 pp. ISBN: 978-1-4200-8073-5, $83.95 / £52.99
20
Architectural design is a crucial first step in developing complex software intensive systems. Early design decisions establish the structures necessary for achieving broad systemic properties. However, today’s organizations lack synergy between their software development processes and technological methodologies. Providing thorough treatment of theory and best practices, this book explains: • How and when to design architectures • How to weave architecture design processes into existing development processes • What to do with architecture design artifacts once created The first section establishes key concepts in architectural design for software intensive systems, including architectural drivers and structures. The book then goes on to describe the industry-tested Architecture Centric Design Method. Each stage of the method is clearly explained and the book provides all of the supporting templates and checklists. The last section discusses practical matters, including how to adopt disciplined architectural design practices into existing organizational development processes. With the principled understanding of design provided, architects can temper their visceral instinct to react and be better prepared to address a broader range of design problems, regardless of business context or their domain experience. Catalog no. AU4569, 2009, 416 pp. ISBN: 978-1-4200-4569-7, $83.95 / £52.99
SAVE 15% when you order online at www.crcpress.com
Requirements Engineering for Software and Systems
New!
Applied Software Product-Line Engineering
Phillip A. Laplante The Pennsylvania State University, Malvern, USA
“… this text provides a review of the theoretical and practical aspects of discovering, analyzing, modeling, validating, testing, and writing requirements for systems of all kinds, particularly software-intensive systems. Incorporating a variety of formal methods, social models, and modern requirements writing techniques useful to practicing engineers, the text is suitable for professional software engineers, systems engineers, and senior undergraduate and graduate students in these fields.” —Book News Inc., 2009
With an intentional focus on software-intensive systems, Requirements Engineering for Software and Systems provides a probing and comprehensive review of the state of technology and developments in intelligent systems, soft computing techniques, and their diverse applications in manufacturing. To illustrate key ideas associated with requirements engineering, the text presents three real-world example systems: an airline baggage handling system, a point-of-sale system for one location of a large pet store chain, and a system for a smart home in which one or more PCs control various aspects of the home’s functions. The selected systems encompass a wide range of applications—from embedded to organic, for both industrial and consumer uses. Catalog no. AU6467, 2009, 264 pp. ISBN: 978-1-4200-6467-4, $89.95 / £54.99
Edited by
Kyo C. Kang POSTECH, Pohang, South Korea
Vijayan Sugumaran Oakland University, Rochester, Michigan, USA
Sooyong Park Sogang University, Seoul, South Korea
Detailing the various aspects of SPLE implementation in different domains, Applied Software Product Line Engineering documents best practices with regard to system development. Expert contributors focus on core asset development, product development, and management, addressing the process, technical, and organizational issues needed to meet the growing demand for information. They detail the adoption and diffusion of SPLE as a primary software development paradigm and also address technical and managerial issues in software product line engineering. Providing an authoritative perspective of recent research and practice in SLPE, the text: • Presents in-depth discussions and many industry case studies • Covers applications in various domains, including automotive, business process management, and defense • Tracks the organizational, process, and technical aspects of software product lines within an organization • Provides the expertise of a distinguished panel of global contributors Increasing global competition coupled with the current economic conditions puts the pressure on software engineers and software process improvement professionals to find ways to meet the needs of expanding markets with greater efficiency. This book provides the insight to harness the power of SPLE to increase productivity, reduce time to market, and handle growing diversity. Catalog no. AU6841, January 2010, 561 pp. ISBN: 978-1-4200-6841-2, $89.95 / £57.99
For more information and complete contents, visit www.crcpress.com
21
The Business Value of IT
Third Edition of a Bestseller!
Managing Risks, Optimizing Performance, and Measuring Results
Software Testing A Craftsman’s Approach, Third Edition Paul C. Jorgensen
Michael D. S. Harris, David Herron, and Stasia Iwanicki
Grand Valley State University, Allendale, Michigan, USA
The David Consulting Group, Paoli, Pennsylvania, USA
Extending the combination of theory and practicality of the first two editions to include agile programming development, the third edition of this widely adopted text discusses the serious effect this emerging area is having on software testing. This edition begins by providing the mathematical background in discrete mathematics and linear graph theory used in subsequent sections.
“An excellent reference for the CIO and for the line manager seeking to engage the business with the transparency into the investment and cost equation they demand to justify the cost of IT.”
Next, it describes specification-based (functional) and code-based (structural) test development techniques, while extending this theoretical approach to less understood levels of integration and system testing. The author further develops this discussion to include object-oriented software. A new section relates all of the previously discussed concepts to the agile software development movement and highlights issues such as how agile and XP development environments are radically changing the role of software testers by making testing integral at every phase of the development process. • Includes downloadable programs that demonstrate white-box, black-box, and other fundamental testing types • Introduces model-based development and provides an explanation of how to conduct testing within model-based development environments • Presents an entirely new section on methods for testing software in an agile programming environment • Explores test-driven development, reexamines all-pairs testing, and explains the four contexts of software testing
—Mike Antico, CTO, Wolters Kluwer, New York, USA
The Business Value of IT: Managing Risks, Optimizing Performance, and Measuring Results examines how to measure IT performance, how to put a dollar value on IT, and how to justify value of an IT program. It places sharp technical focus on the techniques, methods, and processes used to identify and to assess risks. Leading consultants Michael D. Harris, David Herron, and Stasia Iwanicki share their real-world experiences in the field. They discuss IT from the perspective of its contribution to business, the necessity of governance, the importance of measuring performance, and the changes that must be made in order to measure IT effectively. The book also: • Examines the important measure of delivering value to business users • Demonstrates how to govern IT and how IT governance delivers real value • Shows how to change IT to improve performance • Focuses on techniques, methods, and processes for effectively identifying, assessing, and minimizing risks Catalog no. AU6474, 2008, 296 pp. ISBN: 978-1-4200-6474-2, $73.95 / £46.99
Catalog no. AU7475, 2008, 440 pp. ISBN: 978-0-8493-7475-3, $99.95 / £66.99
22
SAVE 15% when you order online at www.crcpress.com
Our up-to-date, officially sanctioned study guides and resources put you at the top of your field. The breadth and depth of experience of the authors gives insight into the key issues in certification and accreditation, including roles and responsibilities, the Information Security life cycle, and pitfalls to avoid.
SAVE 15%!
Use this Promo Code when ordering to
6000 Broken Sound Parkway, NW, Suite 300 Boca Raton, FL 33487, USA
Page 11
For a complete list of IT Resources please visit www.crcpress.com
Page 19
Page 4
Presorted Standard US Postage PAID Permit 382 South Holland IL