IT Management


Contents

IT Management
Security Management
Project Management
Software Engineering & Development
Encyclopedia of Wireless and Mobile Communications

Want to maximize your buying power? Order direct from our online store and receive FREE Standard Shipping with every order big or small.

Visit us at www.crcpress.com to view more information and complete tables of contents for these and many other related books.


IT Management

New!

The SIM Guide to Enterprise Architecture

Edited by

Leon A. Kappelman University of North Texas, Denton, USA

"… the best and most comprehensive book that I have seen on this critically important topic ..." — Ed Trainor, CIO & Senior Vice President, IS, Amtrak

"The best in the field bringing clarity to EA." — Joe Tenczar, Sr. Director of Technology/CIO, Hard Rock International

"A compelling book co-authored by the "who’s who" in the EA space. … an excellent source for real world, practical insight and ideas." — Michael Rapken, CIO and Executive Vice President, YRC Worldwide, Inc.

Enterprise architecture is leading IT’s way to the executive boardroom, as CIOs are now taking their place at the management table. Organizations investing their time, money, and talent in enterprise architecture (EA) have realized significant process improvement and competitive advantage. However, as these organizations discovered, it is one thing to acquire a game-changing technology but quite another to discover ways to use it well. A project of the Society for Information Management’s Enterprise Architecture Working Group and edited by Leon A. Kappelman, this volume provides insights from leading authorities on EA, including John Zachman, Larry DeBoever, George Paras, Jeanne Ross, and Randy Hite. It supplies a solid understanding of key concepts for effectively leveraging EA to redesign business processes, integrate services, and become an Information Age enterprise. Beginning with a look at current theory and frameworks, the book discusses the practical application of enterprise architecture and includes a wealth of best practices, resources, and references. It contains the SIM survey of IT organizations’ EA activities, which provides important metrics for evaluating progress and success.

New!

Cloud Computing: Implementation, Management, and Security

John W. Rittinghouse Hypersecurity LLC, Houston, Texas, USA

James F. Ransome

Providing the knowledge necessary to make informed decisions regarding cloud initiatives, Cloud Computing: Implementation, Management, and Security provides an understanding of what cloud computing really means, explores how disruptive it may become in the future, and examines its advantages and disadvantages. The authors first discuss the evolution of computing from a historical perspective, focusing primarily on advances that led to the development of cloud computing. They then survey some of the critical components that are necessary to make the cloud computing paradigm feasible. They also present various standards based on the use and implementation issues surrounding cloud computing and describe the infrastructure management that is maintained by cloud computing service providers. After addressing significant legal and philosophical issues, the book concludes with a hard look at successful cloud computing vendors. Helping to overcome the lack of understanding preventing even faster adoption of cloud computing, this book arms readers with guidance essential to make smart, strategic decisions on cloud initiatives.

Contents: Evolution of Cloud Computing. Components. Standards. Systems. Legal Issues. Cloud Vendors to Watch. Future Directions of Cloud Computing. Day-to-Day Management Issues Running a Cloud Environment. References. External Links. Catalog no. K10347, January 2010, 340 pp. ISBN: 978-1-4398-0680-7, $79.95 / £49.99

Catalog no. K10555, January 2010, 330 pp. ISBN: 978-1-4398-1113-9, $59.95 / £38.99

For more information and complete contents, visit www.crcpress.com


A Guide to Lean Six Sigma Management Skills

New!

Howard S. Gitlow

Information Technology Applications in Lean Systems

Measuring and Improving Performance

University of Miami, Coral Gables, Florida, USA

Authored by one of the most respected Six Sigma Master Black Belts, this well-organized volume demonstrates the implementation of quality improvements into all areas of the workplace—from the shop floor to a company’s executive offices. Illustrating concepts with a number of case studies, the author provides a compelling argument as to why Six Sigma should be the preferred approach. The book explains how to build an organization that encourages and values the input of quality team — detailing the steps required to implement and maintain lean initiatives. Catalog no. AU416X, 2009, 166 pp. ISBN: 978-1-4200-8416-0, $44.95 / £24.99

New!

Lean Six Sigma Secrets for the CIO

James William Martin Six Sigma Integration, Inc., Rehoboth, Massachusetts, USA

This work explains how the effective use of Lean project management methodologies can increase the productivity of information system deployment in service and manufacturing organizations. Starting with an overview of Lean and agile project management principles, the author walks readers through the implementation of Lean practices across key aspects of IT systems. Created to provide Lean and Six Sigma practitioners with a clear understanding of important concepts related to the creation and modification of software to support process improvement activities, this reference:
• Details how to apply Lean principles to IT systems on a global scale
• Explains how to design IT systems capable of meeting evolving customer needs and expectations

William Bentley Peter Davis & Associates, Georgia, USA

Peter T. Davis Peter Davis & Associates, Toronto, Ontario, Canada

"… Bill and Peter deliver the tools you need to dig below the surface and get to the root of efficiency matters …" —Connie Siewert, Business Development Manager, IBM

"A thorough yet manageable treatise on virtually all the popular methods for improvement ..." — Tom Guthrie, VP of Enterprise Architecture, Cox Communications

Lean Six Sigma Secrets for the CIO supplies proven tips and case studies that illustrate how to combine Six Sigma’s rigorous quality principles with Lean methods for uncovering and eliminating waste in IT processes. Savvy IT veterans describe how to use Lean Six Sigma with IT governance frameworks such as COBIT and ITIL.

• Covers several project management methods including agile project management (APM), agile unified process (AUP), SCRUM, extreme programming (EP)
• Identifies the operational issues that can help project execution and those that can hinder it

Complete with roadmaps and checklists, this book will help busy professionals discover more efficient ways to monitor business activity, gather business intelligence, manage and analyze business processes, and ultimately—increase operational efficiency. Catalog no. AU4186, January 2010, 280 pp. ISBN: 978-1-4200-8418-4, $49.95 / £31.99

Catalog no. K10211, January 2010, 288 pp. ISBN: 978-1-4398-0379-0, $49.95 / £31.99


SAVE 15% when you order online at www.crcpress.com


New!

New!

The Decision Model

The Executive MBA for Engineers and Scientists

A Business Logic Framework Linking Business and Technology

Barbara von Halle & Larry Goldberg Knowledge Partners International, Mendham, New Jersey, USA

“… one of the classic books of a new era in computing …” —Opher Etzion, IBM Research Laboratory

“… covers the full spectrum of what you need to know when adopting decision management.” —Carole-Ann Matignon, FICO

Written by pioneering consultants and bestselling authors, this book explains how to implement the Decision Model — a stable, rigorous model of core business logic that informs current and emerging technology. The authors supply a strong theoretical foundation, while succinctly defining the path needed to incorporate agile and iterative techniques for developing a model that will be the cornerstone for continual growth. The Decision Model provides a framework for organizing business rules into well-formed, decision-based structures that are predictable, stable, maintainable, and normalized. More than this, the Decision Model directly correlates business logic to the business drivers behind it, allowing it to be used as a lever for meeting changing business objectives and marketplace demands. This book not only defines the Decision Model but also demonstrates how it can be used to organize decision structures for maximum stability, agility, and technology independence.

James J. Farley Consultant, Savannah, Georgia, USA

These days, technical merit and hard work alone no longer guarantee upward mobility for capable scientists and engineers. For those with aspirations of moving up the corporate ladder, a keen grasp of business basics is a must. Presenting concepts in an easily accessible manner, The Executive MBA for Engineers and Scientists covers the business principles and applications that today’s technical managers need to know. The book touches upon all the essentials, including marketing, sales, finance, manufacturing, and accounting. It details technical considerations including quality control, technical services, and R&D, and highlights how to effectively integrate business concepts with technical considerations. Examples based on the author’s experience working in the pharmaceutical industry and with the U.S. Food and Drug Administration illustrate how similar situations can occur in other industries and explain how to solve these problems using the same techniques. This easy-reading reference not only facilitates the understanding required of technical professionals but also provides a time-saving resource for upwardly mobile sales, marketing, and manufacturing professionals who need to expand their knowledge of technical functions. Catalog no. K10076, January 2010, 287 pp. ISBN: 978-1-4398-0099-7, $69.95 / £44.99

Catalog no. AU2817, January 2010, 553 pp, ISBN: 978-1-4200-8281-4, $59.95 / £36.99


The Business Value of IT

Business Process Management Systems

Managing Risks, Optimizing Performance, and Measuring Results

Strategy and Implementation

Michael D.S. Harris, David Herron, & Stasia Iwanicki

James F. Chang Ivy Consultants, Austin, Texas, USA

The David Consulting Group, Paoli, Pennsylvania, USA

“An excellent reference for the CIO and for the line manager seeking to engage the business with the transparency into the investment and cost equation they demand to justify the cost of IT.” Mike Antico, CTO, Wolters Kluwer, New York, USA

Examining how to put a dollar value on IT and justify the value of an IT program, this book places sharp technical focus on the techniques, methods, and processes used to identify and assess risks. Based on the authors’ extensive experience, the book discusses IT from the perspective of its contribution to business, the necessity of governance, the importance of measuring performance, and the changes that must be made to effectively measure performance. Catalog no. AU6474, 2008, 296 pp. ISBN: 978-1-4200-6474-2, $69.95 / £44.99

Service Oriented Enterprises

“… covers almost every aspect of the field and provides definitions and summaries of various BPM concepts… a good resource for those who are interested in BPMS and are involved with integrating data, systems, and people.” Karthikeyan Umapathy, The Pennsylvania State University, in Information Technology and People, Vol. 19, No. 2

With a focus on strategy and implementation, this popular reference discusses business management practices and the technology that enables them. It analyzes the history of process management practices. Catalog no. AU2310, 2006, 304 pp. ISBN: 978-0-8493-2310-2, $93.95 / £59.99

New!

Marketing IT Products and Services

Jessica Keyes New Art Technologies, Edgewater, New Jersey, USA

Setrag Khoshafian Pegasystems, Inc., Cambridge, Massachusetts, USA

Includes a CD-ROM with Time-Saving Templates and Forms

This comprehensive resource covers all the components, issues, standards, and technologies that create a service-oriented enterprise. Filled with real-world examples, Service Oriented Enterprises provides readers with innovative, yet practical, solutions. Readers are guided through each step of the development process, from analysis and design to content and portal integration and service management. The book also highlights business processes and business rules in the context of web services and service-oriented computing.

In this volume, Jessica Keyes focuses on the unique issues involved in the marketing of IT products and services. This one-stop resource provides everything needed to understand the roles, responsibilities, and management techniques essential for the development of successful strategies. The accompanying CD-ROM provides readers with numerous time-saving templates and forms, including customer and competitor analysis surveys, sample press releases, letters of agreement, demographic and target market worksheets, and cost benefit forms.

Catalog no. AU5360, 2007, 464 pp. ISBN: 978-0-8493-5360-4, $83.95 / £53.99

Catalog no. K10177, January 2010, 336 pp. ISBN: 978-1-4398-0319-6, $69.95 / £44.99


Enterprise Systems Backup and Recovery A Corporate Insurance Policy

Mobile Enterprise Transition and Management

Preston de Guise

Bhuvan Unhelkar

IDATA Pty Ltd., Sydney, Australia

Instead of focusing on any individual backup product, this book recommends corporate procedures and policies needed to establish comprehensive data protection—regardless of the operating or backup systems in place. The text provides techniques for analyzing and improving current backup system performance. After reviewing the concepts in this book, readers will understand:
• Terminology and concepts unique to backup software
• Features and functionality found in a backup environment
• Protocols to monitor and improve the performance of backup systems

By utilizing the information in this book, organizations can take a step toward improving security and preventing the devastating loss of data and business revenue that can occur with poorly constructed or inefficient systems.

Contents: Human and Technical Layers. Backup and Recovery Concepts. Backup. Documentation and Training. Performance Options, Analysis, and Tuning. Recovery. Protecting the Backup Environment. Problem Analysis. Backup Reporting. Choosing a Backup Product. Best Practices. Appendix A: Technical Asides. Appendix B: Sample Recovery Request Form. Appendix C: Sample Test Form. Appendix D: Glossary of Terms. Catalog no. AU6396, 2009, 308 pp., Soft Cover ISBN: 978-1-4200-7639-4, $69.95 / £44.99

Consultant, Wahroonga, Australia

Emerging Best Practices, Case Studies, and Examples of Successful Transitions "… intertwines the wide and varying dimensions of economy, technology, process, and sociology together in a comprehensive and cohesive approach to ensure successful transitions and management of mobile business." —Edward Yourdon, Computer Hall of Fame Inductee

Addressing the rapid evolution of global communications, Mobile Enterprise Transition and Management provides step-by-step guidance on how to configure, enact, and manage the process of integrating mobile technology within your organization. The mobile enterprise transition (MET) process presented considers input from the four significant dimensions of an organization—economic, technical, process, and social—making it a well-rounded and complete process. Based on extensive research, literature review, and practical experimentation in METs, this comprehensive text presents emerging best practices, exhaustive case studies, and examples of successful transitions. It also provides detailed references, and a glossary of key terms and commonly used acronyms. Whether you are an engineer, network manager, business manager, or other decision maker, this book will show you how to develop customized integration strategies to achieve the competitive advantages that today’s mobile innovations make possible. Catalog no. AU8275, 2009, 420 pp. ISBN: 978-1-4200-7827-5, $79.95 / £48.99


The Green and Virtual Data Center

Coming Soon!

Green IT

Greg Schulz

Rex Maus

StorageIO Group, Stillwater, Minnesota, USA

Exmar Offshore Company, Texas, USA

“…an excellent primer for those wanting to understand how to create data centers for this new paradigm."

Functioning as a complete guide to green strategies, this book covers the fundamental information that managers and CIOs need to know to create a green IT strategy. It provides the tools and strategies necessary for making cost effective decisions that minimize the impact on the environment for new and existing facilities. The adaptive strategies described focus on the reasons to implement, business impact, and cost and benefit to the enterprise.

–Kurt Marko, in Processor, March 2009

" … extremely well organized and easy to follow. … could easily serve as a blueprint for organizations to follow when they look for ideas on how to design new data centers. It's a great addition to an IT Bookshelf." —Dr. Steve Guendert, Global Solutions Architect, Brocade Communications

“… doesn’t really pass judgment on whether or not you should re-adjust your IT initiatives around some greener-good agenda. He’s focused moreso on illustrating how some of the technologies you’re already considering for the good of your business – virtualization, blade platforms, cloud computing power management – might otherwise be pretty cool for the environment, too." – Heather Clancy, Green Tech Pastures, in ZDNet, February 2009

This book provides strategies and blueprints for enabling and deploying environmentally friendly next-generation data centers. It looks at design and implementation tradeoffs using various best practices and technologies to sustain application and business growth while maximizing resources, including power, cooling, floor space, storage, server performance, and network capacity. The book also explores performance and capacity planning in a virtual environment that supports resource-demanding applications such as OLTP and streaming media. Catalog no. AU6669, 2009, 400 pp. ISBN: 978-1-4200-8666-9, $79.95 / £48.99


This forward-looking reference showcases 13 specific initiatives and also:
• Provides a checklist for managers looking to transition to greener IT management
• Addresses green issues throughout the IT lifecycle
• Includes cost-effective solutions for new and existing facilities
• Covers global requirements and standards for multinational companies
• Reviews the unintended consequences and myths of commonly accepted solutions
• Proposes future strategies that IT managers will be expected to follow in coming years

Contents: Introduction—Description of "Green" Description of Strategies. Implementors—5 W’s Describing. Adoptive Strategies—Data Centers. Adoptive Strategies—Enterprise. Future Forecast and Strategies. Summary. Appendix/Glossary. Catalog no. K10191, April 2010, c. 270 pp. ISBN: 978-1-4398-0342-4, $69.95 / £44.99


Enterprise Architecture A to Z Frameworks, Business Process Modeling, SOA, and Infrastructure Technology

Daniel Minoli SES Americom, Princeton, New Jersey, USA

Enterprise Architecture A to Z examines cost-saving trends in architecture planning, administration, and management. The text begins by evaluating the role of Enterprise Architecture planning and Service-Oriented Architecture (SOA) modeling. It provides an extensive review of the most widely deployed architecture framework models including The Open Group Architecture and Zachman Architectural Frameworks — as well as formal architecture standards. The first part of the text focuses on the upper layers of the architecture framework, while the second covers technology architecture. Catalog no. AU8517, 2008, 512 pp. ISBN: 978-0-8493-8517-9, $79.95 / £49.99

Best Practices in Business Technology Management

Stephen J. Andriole Villanova University, Pennsylvania, USA

Discussing specific best practices, this book offers qualitative and quantitative methods, tools, and techniques for deploying and supporting all kinds of information technology. It identifies the range of technology decisions that managers make and the best practices that define good acquisition, deployment, and support decisions, all in an easy-to-absorb, conversational tone. The book covers the interrelated business technology alignment areas of business strategy as well as technology applications, architecture, infrastructure, support, acquisition, and organization. Each section ends with a summary of actionable best practices. Catalog no. AU6333, 2009, 368 pp. ISBN: 978-1-4200-6333-2, $69.95 / £44.99

The Effective CIO How to Achieve Outstanding Success through Strategic Alignment, Financial Management, and IT Governance

Knowledge Retention

Eric J. Brown

Jay Liebowitz

Strategies and Solutions

NCI Building Systems, The Woodlands, Texas, USA

Johns Hopkins University, Rockville, Maryland, USA

William A. Yarberry, Jr.

Devised to help organizations that are dependent on the accumulated knowledge of stakeholders, this book details a proactive approach to knowledge retention. Written by one of the most sought-after knowledge management experts, this text explains how to identify at-risk knowledge areas, and demonstrates how to keep those areas from becoming knowledge vacuums. To reinforce his points, the book contains case studies from The Aerospace Corporation, Chevron, and Knowledge Harvesting, Inc., which have become models for the implementation of knowledge retention strategies.

ICCM Consulting, Houston, Texas, USA

Unlike other books that merely discuss strategies important to the chief information officer, this volume explains how the guidelines it recommends can be executed. The author provides a survey of existing strategies and includes detailed problem-solving ideas. The book brings together two perspectives: that of a working CIO who must cope with the day-to-day pressure for results and that of an IT auditor focused on governance and internal control. Examples, charts, templates, and anecdotes supplement the material. Catalog no. AU6460, 2009, 336 pp. ISBN: 978-1-4200-6460-5, $79.95 / £49.99

Catalog no. AU6465, 2009, 144 pp. ISBN: 978-1-4200-6465-0, $69.95 / £44.99


Security Management

Information Security Management Handbook Sixth Edition

Available in print or on CD-ROM

Edited by

Harold F. Tipton HFT Associates, Villa Park, California, USA

Micki Krause Nozaki Pacific Life Insurance Company, Newport Beach, California, USA

Considered the gold-standard reference on information security, and now in its sixth edition, the Information Security Management Handbook is organized under the CISSP® Common Body of Knowledge (CBK) domains. This handbook has become the standard on which all IT security programs and certifications are based. It provides a compilation of the fundamental knowledge, skills, techniques, and tools required by all IT security professionals.

Information Security Management Handbook

Bestseller!

Information Security Management Handbook

Sixth Edition, Volume 3

Sixth Edition

Now in its sixth edition, the 3200-page print version continues to be updated yearly. Volumes 2 and 3 are stand-alone references that reflect changes to the Common Body of Knowledge made in response to changing technologies and laws in different countries and regions. Catalog no. AU7495, 2007, 3280 pp. ISBN: 978-0-8493-7495-1, $159.95 / £99.00

Catalog no. AU0925, 2009, 392 pp. ISBN: 978-1-4200-9092-5, $99.95 / £60.99

Information Security Management Handbook Sixth Edition, Volume 2

Best Offer!

Catalog no. AU6708, 2008, 456 pp. ISBN: 978-1-4200-6708-8, $99.95 / £63.99

Get all three volumes and more on a single CD-ROM

Information Security Management Handbook, 2009 CD-ROM Edition

Containing the complete contents of the original 3200-page handbook plus the updates of Volumes 2 and 3, this portable reference is linked, searchable by keyword, and organized under the CISSP® Common Body of Knowledge (CBK) domains. The CD-ROM contains an extra volume's worth of information—including chapters from security and networking books that you simply won’t find anywhere else. Exportable text and hard copies are available at the click of a mouse. Catalog no. AU0984, January 2010, CD-ROM, ISBN: 978-1-4200-9098-7, $159.95 / £97.00


Oracle Identity Management Governance, Risk, and Compliance Architecture, Third Edition

HOWTO Secure and Audit Oracle 10g and 11g

Marlin B. Pohlman

Ron Ben Natan

Oracle Corporation, Redwood Shores, California, USA

CTO, Guardium Inc., Waltham, Massachusetts, USA

Written by a director with Oracle who is recognized as one of the primary educators worldwide on identity management, regulatory compliance, and corporate governance, this is the definitive guide for corporate stewards struggling with the challenge of meeting regulatory compliance pressures.

Oracle has more security-related functions, products, and tools than almost any other database engine. Unfortunately, most users are familiar with less than 20 percent of the security mechanisms within Oracle. Written by one of the most respected and knowledgeable database security experts in the world, HOWTO Secure and Audit Oracle 10g and 11g shows readers how to navigate the options, select the right tools, and avoid common pitfalls.

In the book’s first chapters, Dr. Pohlman examines multinational regulations and delves into the nature of governance, risk, and compliance. He also cites common standards, illustrating a number of well-known compliance frameworks. He then focuses on specific software components that will enable secure business operations. To complete the picture, he discusses elements of the Oracle architecture, which permit reporting essential to the regulatory compliance process, and the vaulting solutions and data hubs, which collect, enforce, and store policy information. Examining case studies from the five most regulated business verticals — financial services, retail, pharma-life sciences, higher education, and the U.S. public sector — this work teaches corporation stewards how to:
• Attain and maintain high levels of integrity
• Eliminate redundancy and excessive expense in identity management
• Map solutions directly to region and legislation
• Hold providers accountable for contracted services

Identity management is the first line of defense in the corporate internal ecosystem. Reconciling theory and practicality, this volume makes sure that defense is workable, responsive, and effective. Catalog no. AU7247, 2008, 552 pp., Soft Cover, ISBN: 978-1-4200-7247-1, $69.95 / £44.99

The text is structured as HOWTOs addressing each security function in the context of Oracle 11g and Oracle 10g. Among a long list of HOWTOs, readers will learn how to:
• Choose configuration settings that make it harder to gain unauthorized access
• Understand when and how to encrypt data-at-rest and data-in-transit and how to implement strong authentication
• Use and manage audit trails and advanced techniques for auditing
• Assess risks that may exist and determine how to address them
• Make use of advanced tools and options including Advanced Security Options, Virtual Private Database, Audit Vault, and Database Vault

Providing authoritative and succinct instructions highlighted by examples, the text also provides an overview of cryptography, covering encryption and digital signatures, showing readers how Oracle Wallet Manager and orapki can be used to generate and manage certificates and other secrets. Catalog no. AU4127, 2009, 472 pp. ISBN: 978-1-4200-8412-2, $69.95 / £42.99

New!

Coming Soon!

Official (ISC)2® Guide to the CISSP® CBK®, Second Edition

Official (ISC)2® Guide to the CISSP®-ISSAP® CBK

Edited by

Edited by

Harold F. Tipton HFT Associates, Villa Park, California, USA

This officially sanctioned resource is the most up-to-date study guide available for those seeking CISSP certification. The accompanying CD-ROM includes sample exams that simulate the actual exam, providing the same number and types of questions with the same allotment of time. It even grades the exam, provides correct answers, and identifies areas in which more study is needed. Catalog no. K10480, January 2010, 965 pp. ISBN: 978-1-4398-0959-4, $69.95 / £44.99

Harold F. Tipton HFT Associates, Villa Park, California, USA

The Official Guide to the (ISC)² CISSP-ISSAP CBK assures competence in the six major domains of the Information Systems Security Architecture Professional (ISSAP) Concentration. Using this guide, CISSP-ISSAP candidates will understand the key concepts and requirements within the CISSP-ISSAP CBK. Catalog no. K10073, May 2010, c. 500 pp. ISBN: 978-1-4398-0093-5, $79.95 / £49.99

Bestseller!

Official (ISC)2® Guide to the CISSP®-ISSEP® CBK

Edited by

Susan Hansche, CISSP-ISSEP

CISO Leadership Essential Principles for Success

Edited by

Todd Fitzgerald Milwaukee, Wisconsin, USA

PEC Solutions, Fairfax, Virginia, USA

Micki Krause

Providing an inclusive analysis of the topics covered in the CISSP-ISSEP Common Body of Knowledge, this comprehensive guide promotes a clear understanding of the four ISSEP domains. It explains ISSE by comparing it to a traditional Systems Engineering model.

Pacific Life Insurance Company, Newport Beach, California, USA

Catalog no. AU2341, 2006, 1024 pp. ISBN: 978-0-8493-2341-6, $73.95 / £46.99

Bestseller!

“For those with a forward career-path in information security, CISO Leadership is a valuable guidebook. The authors' war stories can help you avoid the bumps as you go down that road. The breadth and depth of the experience of the authors makes this a unique book that you can use to further your information security career." —Ben Rothke, Security Management

Building and Implementing a Security Certification and Accreditation Program OFFICIAL (ISC)2® GUIDE to the CAPcm CBK®

Patrick D. Howard

Catalog no. AU7943, 2008, 312 pp. ISBN: 978-0-8493-7943-7, $73.95 / £46.99

Official (ISC)2® Guide to the SSCP® CBK®

Edited by

Nuclear Regulatory Commission, USA

Diana-Lynn Contesti, Douglas Andre, Eric Waxvik, Paul A. Henry, and Bonnie A. Goins

An officially sanctioned guide, this bestselling volume demonstrates the effectiveness of certification and accreditation (C&A) as a risk management methodology for IT systems in public and private organizations. It provides an overview of C&A components, showing how to document the status of IT security controls and secure systems via standard, repeatable processes. It also includes a case study of the successful C&A implementation in a major U.S. government department.

Nowhere else are the seven domains of the CBK® embodied more adeptly than in this popular first edition of the Official (ISC)²® Guide to the SSCP® CBK®. In a milestone effort by (ISC)²®, five of the world's leading tacticians acknowledge the importance of the security implementation process.

Catalog no. AU2062, 2006, 344 pp. ISBN: 978-0-8493-2062-0, $93.95 / £59.99

Catalog no. AU2774, 2007, 608 pp. ISBN: 978-0-8493-2774-2, $62.95 / £39.99


SAVE 15% when you order online at www.crcpress.com



Security Management New!

Bestseller!

Data Protection

Information Technology Control and Audit

Governance, Risk Management, and Compliance David G. Hill Mesabi Group LLC, Westwood, Massachusetts, USA

Explaining how to gain a handle on the vital aspects of data protection, this book offers a solid understanding of how data protection fits into various organizations. It places data protection in a governance, risk management, and compliance (GRC) framework, discussing existing and emerging data protection technologies and how they relate to each other. The author explores the impact of novel trends, including cloud computing, storage tiering, server virtualization, and green computing. He also shows how to improve the data protection process through the high-level PROTech model. Topics covered include data retention, data security, and eDiscovery. Catalog no. K10353, January 2010, 330 pp. ISBN: 978-1-4398-0692-0, $69.95 / £44.99

IT Auditing and Sarbanes-Oxley Compliance Key Strategies for Business Improvement Dimitris N. Chorafas Consultant for Major Corporations, France and Switzerland

This book links two key strategies for business improvement — information technology auditing and Sarbanes-Oxley compliance. Both require ethical accounting practices, focused auditing activities, a functioning system of internal control, and a close watch by the board’s audit committee and CEO. All of the concepts are reviewed in detail and reinforced with case studies that demonstrate the proper steps needed for complete analysis. Those companies that make good use of the procedures in this book will avoid the same mistakes that transformed companies such as Enron and Worldcom from world class organizations into colossal disasters. Catalog no. AU6170, 2009, 305 pp. ISBN: 978-1-4200-8617-1, $89.95 / £57.99

Third Edition Frederick Gallegos & Sandra Senft California State Polytechnic University, Pomona, USA

Praise for the First Edition: "...very useful for beginners as well as practitioners …well written and presented." — Information Systems Control Journal

Now in its third edition, this introductory reference to IT governance, control, and auditing reviews pertinent legislation, discusses the future of auditing in the 21st century, and examines strategy, standards, acquisition, and implementation. It explores delivery and support and reviews advanced topics including virtual environment, virtual security, e-commerce, and enterprise resource planning. It also includes helpful guidelines for preparing for the CISA Exam. Catalog no. AU6550, 2009, 774 pp. ISBN: 978-1-4200-6550-3, $89.95 / £57.99

Information Security Design, Implementation, Measurement, and Compliance Timothy P. Layton Grover, Missouri, USA

Presenting an in-depth perspective of the ISO/IEC 17799 Information Security Standard, this book provides a detailed analysis of how to use the standard to effectively measure an information security program. It includes a qualitative-based risk assessment methodology and describes a quantitative measurement framework that readers can adopt and implement within the risk assessment process in their own organization. The text devotes individual chapters to each of the 11 control areas defined in the standard. Catalog no. AU7087, 2007, 264 pp. ISBN: 978-0-8493-7087-8, $93.95 / £59.99

For more information and complete contents, visit www.crcpress.com


Security Management Bestseller!

Intelligent Network Video

21st Century Security and CPTED

Understanding Modern Video Surveillance Systems

Designing for Critical Infrastructure Protection and Crime Prevention

Fredrik Nilsson & Axis Communications, Inc.

Randall I. Atlas Atlas Safety and Security Design, Inc., Ft. Lauderdale, Florida, USA

Chelmsford, Massachusetts, USA

Includes a CD with Tools for Deploying and Optimizing an Installation

Providing detailed coverage of advanced digital networking and intelligent video capabilities and optimization, this book addresses general concepts. It explains why IP-based systems provide better quality at a lower cost, and provides timely information on cameras and DVRs. It also discusses frame rate control, indoor/outdoor installations, and MPEG-4 and other digital video formats.

Written by top experts in the field, this popular reference examines recent trends in the developing field of Crime Prevention through Environmental Design (CPTED). Facilitating understanding across diverse fields and highly relevant to critical infrastructure protection, it addresses the application of CPTED to high-security environments, as well as buildings in the public and private sectors. Catalog no. AU6807, 2008, 560 pp. ISBN: 978-1-4200-6807-8, $89.95 / £57.99

Catalog no. AU6156, 2009, 416 pp. ISBN: 978-1-4200-6156-7, $79.95 / £49.99

New!

Critical Infrastructure

Intelligent Video Surveillance

Understanding Its Component Parts, Vulnerabilities, Operating Risks, and Interdependencies

Systems and Technology Edited by

Tyson Macaulay

Yunqian Ma Honeywell International, Inc., Minnesota, USA

Gang Qian Arizona State University, Tempe, USA

The latest implementation of surveillance cameras calls for advanced video systems that can autonomously recognize people, detect movements, and identify targeted activities in real-time. In response to such demand, this book examines the fundamental principles of current intelligent video surveillance systems. The text provides a comprehensive look at the algorithmic design and system implementation for intelligent video surveillance. The authors cover computational principles, system implementation issues, and practical applications of present and future systems.

CISSIP, CISA, ISSPCS, Ottawa, Ontario, Canada

Critical Infrastructure (CI) is a little-understood topic that seems to generate more fear than rational discussion. Moving beyond definitions, this volume examines the iron triangle within CI: power, telecom, and finance. It introduces the concept of CIs as industrial and enterprise risk conductors, highlighting the fact that a CI failure can propagate an impact throughout an enterprise. This text rethinks the concept of a CI according to contemporary factors, providing guidance for mitigating risk within the framework of national economies. Catalog no. AU6835, 2009, 344 pp. ISBN: 978-1-4200-6835-1, $79.95 / £49.99

Catalog no. K10681, January 2010, 590 pp. ISBN: 978-1-4398-1328-7, $119.95 / £72.99


Security Management New!

Building an Enterprise-Wide Business Continuity Program

Crisis Management Planning and Execution

Kelley Okolita

Consultant, Frazer, Pennsylvania, USA

Master Business Continuity Planner (MBCP), Worcester, Massachusetts, USA

Drawing on more than two decades of experience in creating continuity plans and using them in actual recoveries — including 9/11 and Hurricane Katrina — the renowned author goes beyond theory to provide planners with the tools to build a continuity program in any enterprise. This book offers guidance on each step of the process, including how to validate the plan, and time-tested tips for keeping the plan action-ready over the course of time. This complete handbook gives planners tips for getting started, a sample plan, and information needed to sell a continuity program to senior leadership. Catalog no. AU8645, January 2010, 344 pp. ISBN: 978-1-4200-8864-9, $79.95 / £49.99

Business Resumption Planning Second Edition Edited by

Leo A. Wrobel TelLAWCom Labs, Inc., Ovilla, Texas, USA

Includes a CD with a Host of Worksheets and Audit Forms

Edward S. Devlin

“... provides a clear, concise, and complete look at crisis management planning. ... provides us with the ‘hows,’ the ‘whys,’ and the ‘why nots’...” —Richard L. Arnold, CBCP, Publisher/Owner of the Disaster Recovery Journal

This volume begins by defining the elements of a business continuity plan. It then examines the progressive stages of a crisis, the four steps needed to manage a crisis, and the role of the executive management team. It also discusses the importance of the crisis communications team and explains how to establish a command center. Catalog no. AU2244, 2007, 528 pp. ISBN: 978-0-8493-2244-0, $73.95 / £46.99

New!

Security Manager's Guide to Disasters Managing Through Emergencies, Violence, and Other Workplace Threats Anthony D. Manley

Offering practical advice along with templates, checklists, and directions to public domain information, Business Resumption Planning, Second Edition assists in creating a solid disaster response and recovery plan for any size organization. It presents methods for the implementation and maintenance of infrastructure continuity planning, and offers updated techniques for conducting a business impact analysis and computing the probability of a disaster. It also discusses the Sarbanes-Oxley Act.

This volume examines the most significant emergencies that may confront those managing security, business continuity, or risk as they protect people and property, prevent crime, and avoid liability. The book includes ways to prevent or reduce the severity of the incident, suggests how to properly interact with governmental agencies, and provides managers with a system for stabilization, recovery, and restoration.

Catalog no. AU1459, 2009, 512 pp. ISBN: 978-0-8493-1459-9, $89.95 / £57.99

Catalog no. K10448, January 2010, 408 pp. ISBN: 978-1-4398-0906-8, $99.95 / £60.99

Wantagh, New York, USA


Security Management CISO Soft Skills Securing Organizations Impaired by Employee Politics, Apathy, and Intolerant Perspectives

The CISO Handbook A Practical Guide to Securing Your Company

Ron Collette, Michael Gentile, & Skye Gentile

Mike Gentile, Ron Collette, & Tom August

This companion volume to the highly touted CISO Handbook presents security practitioners with tools to identify the intangible negative influencers of security, and provides techniques for identifying, minimizing, and overcoming these pitfalls within customized situations.

The CISO Handbook: A Practical Guide to Securing Your Company provides unique insights and guidance into designing and implementing an information security program. The authors present several essential high-level concepts before building a robust framework that will enable readers to map the concepts to their company’s environment. The book is presented in chapters that follow a consistent methodology—Assess, Plan, Design, Execute, and Report.

The book discusses the security constraints that can negatively influence a CISO and an organization’s ability to secure itself — including employee apathy, employee myopia or tunnel vision, employee primacy (often exhibited as office politics), and the infancy of the information security discipline. The authors explain what a CISO can do about these security constraints, providing numerous practical and actionable exercises, tools, and techniques to identify, limit, and compensate for the influence of security constraints in any type of organization. Reflecting the experience and solutions of those in modern organizations, this reference offers actionable solutions for identification, remediation, or compensation of the constraints that can hinder a security program. It employs research and survey data to support recommendations and introduces the R.E.A.P. Security Success Model (Relate, Educate, Appraise and Act, and Poise). The final chapters discuss some proactive techniques that CISOs can utilize to secure challenging work environments.

Contents: What’s Not Right. True Security Model. Apathy. Myopia. Primacy. Infancy. Tying It All Together. Closing Thoughts. Appendices. Exercises. REAP Templates.

The first chapter, Assess, identifies the elements that drive the need for information security programs. Plan discusses how to build the foundation of your program. Design demonstrates how to construct the policies and procedures to meet identified business objectives. Execute emphasizes the creation of a successful execution model for the implementation of security projects against the backdrop of common business constraints. Report focuses on communicating back to the external and internal stakeholders with information that fits the various audiences. Each chapter begins with an overview, followed by foundation concepts that are critical to understanding the material presented. The chapters also contain a methodology section that explains the steps necessary to achieve the goals of the particular chapter. The appendix provides readers with design chapter worksheets, a report creation process worksheet, requirements sample, and a SDLC Checklist. Catalog no. AU1952, 2006, 352 pp. ISBN: 978-0-8493-1952-5, $78.95 / £49.99

Catalog no. AU9102, 2009, 288 pp. ISBN: 978-1-4200-8910-3, $69.95 / £44.99


Security Management New!

Bestseller!

Risk Analysis and Security Countermeasure Selection

The Security Risk Assessment Handbook

Thomas L. Norman, CPP/PSP/CSC Protection Partners International, Houston, Texas, USA and Beirut, Lebanon

Explaining how to evaluate the appropriateness of countermeasures from a cost perspective, this work details the five core principles of the risk analysis lifecycle. Using numerous case illustrations and language that’s easy to understand, it guides readers from basic principles to complex processes, evaluating DHS-approved risk assessment methods. This complete resource includes an adaptable graphic risk analysis tool that can be applied in public or private industry and works with all DHS-approved methods. Catalog no. AU7870, January 2010, 422 pp. ISBN: 978-1-4200-7870-1, $59.95 / £38.99

A Complete Guide for Performing Security Risk Assessments Douglas J. Landoll En Pointe Technologies, Austin, Texas, USA

This comprehensive manual provides detailed insight into how to conduct an information security risk assessment. This bestselling volume provides real-world advice that promotes professional development and experience. It also enables security consumers to better negotiate the scope and rigor of a security assessment, effectively interface with a security assessment team, deliver insightful comments on a draft report, and have a greater understanding of final report recommendations. The book includes charts, checklists, examples, and templates that speed up data gathering, analysis, and document development. Catalog no. AU2998, 2006, 504 pp. ISBN: 978-0-8493-2998-2, $83.95 / £53.99

How to Complete a Risk Assessment in 5 Days or Less

New!

Thomas R. Peltier

Vulnerability Management

Thomas R. Peltier Associates, LLC, Wyandotte, Michigan, USA

Park Foreman GroupM, New York, USA

Based on the author’s seminars, this volume presents the various processes that an organization can employ in assessing risk, fully detailing each of its strengths and weaknesses. This information will enable managers to determine which processes best fit the needs of a given situation to mitigate risk levels. Always conscious of the bottom line, the author discusses the cost-benefit analysis of risk mitigation and looks at specific ways to manage costs. The conclusions presented are supported by numerous case studies and explained through diagrams that show how to apply risk management skills in an organization with regard to any business endeavor.

Vulnerability management proactively prevents the exploitation of IT security gaps and weaknesses that exist particularly within a larger organization. This book demonstrates how prevention can reduce the potential for exploitation and shows that it takes considerably less time and resources to manage potential weaknesses than it does to clean up after a violation. Written by a leading expert in IT security, this volume provides guidance for creating a vulnerability management program in a large, globally distributed company. It covers areas often neglected or falsely appearing secure. The text includes checklists and details the activities that constitute successful management.

Catalog no. AU6275, 2009, 444 pp. ISBN: 978-1-4200-6275-5, $79.95 / £49.99

Catalog no. K10093, January 2010, 347 pp. ISBN: 978-1-4398-0150-5, $79.95 / £48.99


Security Management Information Security Management Metrics

Bestseller!

A Definitive Guide to Effective Security Monitoring and Measurement W. Krag Brotby, CISM

Measuring Regulatory Compliance, Operational Resilience, and ROI

Enterprise Security Architect, Thousand Oaks, California, USA

Debra S. Herrmann

Complete Guide to Security and Privacy Metrics

U.S. Nuclear Regulatory Commission, Washington, D.C., USA

The 20/20 hindsight of audits is no longer an effective solution to security weaknesses. This book offers a novel approach for developing and implementing security metrics essential for supporting business activities and managing information risk. It shows readers how to develop metrics that can be used across an organization to assure that its information systems are functioning, secure, and supportive of business objectives. With three decades of enterprise information security experience, the author presents a workable approach for developing and managing cost-effective enterprise information security. He provides a comprehensive overview of security metrics, discusses the current state of metrics, and looks at promising new developments. The book ensures that every facet of security required by an organization is linked to business objectives and provides metrics to measure it. It explores ways to develop effective strategic and management metrics for information security governance, risk management, program implementation and management, and incident management and response. Case studies effectively demonstrate specific ways that metrics can be implemented across an enterprise to maximize business benefit. Catalog no. AU5285, 2009, 200 pp. ISBN: 978-1-4200-5285-5, $79.95 / £48.99

“…valuable directions on how measurement works and what goes into producing a useful metric. … The master table in the introduction provides a quick guide to the particular section most relevant to the reader’s need …” — Richard Austin, in IEEE Cipher, June 2007

Defining more than 900 ready-to-use metrics that measure compliance, resiliency, and return on investment, this bestselling reference explains what needs to be measured, why and how to measure it, and how to tie security and privacy metrics to business goals and objectives. It addresses measuring compliance with legislation, regulations, and standards in the U.S., EC, and Canada including Sarbanes-Oxley, HIPAA, and the Data Protection Act-UK. The metrics covered are scaled by information sensitivity, asset criticality, and risk, and then aligned to correspond with different lateral and hierarchical functions within an organization. They are flexible in terms of measurement boundaries and can be implemented individually or in combination to assess a single security control, system, network, region, or the entire enterprise at any point in the security engineering lifecycle. The text includes numerous examples and sample reports to illustrate these concepts and stresses a complete assessment by evaluating the interaction and interdependence between physical, personnel, IT, and operational security controls. Catalog no. AU5402, 2007, 848 pp. ISBN: 978-0-8493-5402-1, $124.95 / £79.99


Security Management Building an Effective Information Security Policy Architecture Sandy Bacik

How to Develop and Implement a Security Master Plan

Consultant, Fuquay Varina, North Carolina, USA

Timothy D. Giles

Through the use of questionnaires, interviews, and assessments, this volume demonstrates how to evaluate an organization's culture and its ability to meet various security standards and requirements. It provides practical guidance for building, writing, and implementing policy architecture designed specifically to fit within that culture. Recognizing that the effectiveness of a policy is dependent on cooperation and compliance, the author demonstrates how to communicate that policy and provides advice on how to gain support. Samples of effective policy architecture are also included.

"This practical guide details how to construct a customized, comprehensive, five-year corporate security plan that synchronizes with the strategies of any business or institution."

Catalog no. AU5905, 2008, 368 pp. ISBN: 978-1-4200-5905-2, $79.95 / £49.99

Newnan, Georgia, USA

– In ASIS Dynamics, May/June 2009

This work provides a thorough examination of the Security Master Planning process. It explains how to develop appropriate risk mitigation strategies, and how to focus on both effectiveness and efficiency while conducting a site security assessment. It also constructs a comprehensive five-year plan that is synchronized with the overall strategies of the business or institution. Catalog no. AU6251, 2009, 352 pp. ISBN: 978-1-4200-8625-6, $79.95 / £49.99

New!

Information Assurance Architecture Keith D. Willett CTN Technologies, Millersville, Maryland, USA

Managing Security Overseas Protecting Employees and Assets in Volatile Regions Scott Alan Ast

Examining the importance of aligning computer security (information assurance) with the goals of an organization, this book gives security personnel direction as to how systems should be designed, the process for doing so, and a methodology to follow. By studying this book, readers will acquire the skills necessary to develop a security architecture that serves specific needs. They will come to understand distinctions amongst engineering architecture, solutions architecture, and systems engineering. The book also shows how the Zachman and the Federal Enterprise Architecture models can be used together to achieve the goals of a business or government agency.

Written by a Certified Protection Professional (CPP), Certified Fraud Examiner (CFE), and FBI-recognized subject matter expert, this text details the recommended protocol for protecting people and assets in hostile global settings. Scott Alan Ast offers wisdom and insight gleaned from 28 years of hands-on experience in international security management. He supplies the fundamental understanding and advanced tools required to ensure business is conducted safely regardless of the risk level—identifying the various threats that loom in international projects.

Catalog no. AU8067, 2008, 624 pp. ISBN: 978-0-8493-8067-9, $79.95 / £49.99

Catalog no. K10256, January 2010, 366 pp. ISBN: 978-1-4398-0467-4, $79.95 / £49.99

Security Professional, Olathe, Kansas, USA


Security Management New!

New!

The Executive MBA in Information Security

Information Security Management Concepts and Practice

John J. Trinckes, Jr. Hampton, Florida, USA

Bel G. Raggad Pace University, Pleasantville, New York, USA

Although the international community has been aggressively engaged in developing security standards for network and information security worldwide, there are few resources that provide clear guidance on how to properly apply the new standards in conducting security audits and creating risk-driven information security programs. Meeting this need, Information Security Management: Concepts and Practice provides a general overview of security auditing before examining the various elements of the information security life cycle. It explains the ISO 17799 standard and walks readers through the steps in conducting a nominal security audit that conforms to the standard. The book also provides detailed guidance for conducting an in-depth technical security audit leading to certification against the 27001 standard. Topics addressed include cyber security, security risk assessments, privacy rights, HIPAA, SOX, intrusion detection systems, security testing activities, cyber terrorism, and vulnerability assessments. This self-contained text is filled with review questions, workshops, and real-world examples that illustrate effective implementation and security auditing methodologies. It also includes a detailed security auditing methodology readers can use to devise and implement effective risk-driven security programs that touch all phases of a computing environment — including the sequential stages needed to maintain virtually air-tight IS management systems that conform to the latest ISO standards. Catalog no. AU7854, January 2010, c. 871 pp. ISBN: 978-1-4200-7854-1, $79.95 / £49.99


As the primary sponsors and implementers of information security programs, it is essential for those in key leadership positions to possess a solid understanding of the constantly evolving fundamental concepts of information security management. Developing this knowledge and keeping it current, however, requires time and energy that most executives don’t have. Supplying a complete overview of key concepts, The Executive MBA in Information Security provides the tools needed to ensure an organization has an effective and up-to-date information security management program in place. This one-stop resource provides a ready-to-use security framework readers can use to develop workable programs, along with tips for avoiding common pitfalls. Allowing for quick and easy reference, this timesaving manual provides those in key leadership positions with a lucid understanding of:
• The difference between information security and IT security
• Corporate governance and how it relates to information security
• The different functional areas related to information security
• Roles and responsibilities of the chief information security officer (CISO)

Presenting difficult concepts in a straightforward manner, this guide enables readers to get up to speed, quickly and easily, on what it takes to develop a rock-solid information security management program that is as flexible as it is secure. Catalog no. K10501, January 2010, 352 pp. ISBN: 978-1-4398-1007-1, $69.95 / £44.99


Security Management Insider Computer Fraud An In-depth Framework for Detecting and Defending against Insider IT Attacks Kenneth Brancik Information Security Consultant, New York, USA

Employees have easy access to sensitive information about a company and its customers, making it all too easy for greedy or disgruntled employees to sabotage a system or sell privileged information. Illustrated with practical case studies, this volume presents methods, safeguards, and techniques to protect against insider computer fraud. Drawing from the author’s two decades of experience in assessing the adequacy of IT security in the banking and securities industries, this book provides a thorough exploration of application risks and controls, web-service security, and the identification and mitigation of fraud. Catalog no. AU4659, 2008, 504 pp. ISBN: 978-1-4200-4659-5, $83.95 / £53.99

Malicious Bots

Cyber Fraud Tactics, Techniques, and Procedures Rick Howard Verisign iDefense Security Intelligence Services, Dulles, Virginia, USA

This volume explores the threats present in the cyber fraud underground. It discusses phishing/pharming, trojans/toolkits, direct threats, and pump-and-dump scams. By examining the operations of the cyber criminal, the book provides perspective into the general incentives, risks, and behavioral patterns of the fraudsters. Armed with this information, organizations and individuals are better able to develop countermeasures, craft tactics to disrupt the fraud underground, and effectively secure their systems. Catalog no. AU9127, 2009, 520 pp. ISBN: 978-1-4200-9127-4, $79.95 / £48.99

Mechanics of User Identification and Authentication

An Inside Look into the Cyber-Criminal Underground of the Internet

Fundamentals of Identity Management

Ken Dunham & Jim Melnick

"…providing a 'hacker' perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and/or policy. … outlines specific exploits and attacks with prescribed defenses. …this is a great resource…"

iSIGHT Partners, Inc., Dallas, Texas, USA

Dobromir Todorov Consultant, Buckinghamshire, UK

Focusing on the malicious use of bots and bot herder means and motivations, this volume provides a much-needed resource for understanding the scope, sophistication, and criminal uses of bots and how to more proactively protect against them. Written in an accessible manner, but with sufficient technical detail, the book introduces botnet threats and how they function, and it examines the top bot attacks against financial and government networks over the last four years to reveal the who, how, and why behind them.

This text introduces the philosophy behind user authentication and access control. It outlines the process of controlled access through authentication, authorization, and accounting, and provides specific information on the user authentication process for both UNIX and Windows. Addressing more advanced applications and services, the author presents common security models such as GSSAPI, and discusses authentication architecture.

Catalog no. AU6903, 2009, 168 pp. ISBN: 978-1-4200-6903-7, $59.95 / £38.99

Catalog no. AU5219, 2007, 760 pp. ISBN: 978-1-4200-5219-0, $83.95 / £53.99

—E-Streams, Vol. 7, No. 9


Project Management New!

New!

The Complete Project Management Methodology and Toolkit

Implementing Program Management

Gerard M. Hill Principal, Hill Consulting Group, Woodbridge, Virginia, USA

Written by one of the nation’s most highly regarded project management mentors, The Complete Project Management Methodology and Toolkit delineates a "business-relevant" methodology that can be introduced across different industries and business environments. The book describes the ProjectPRISM™ Project Management Methodology, an innovative, matrix-based approach to conducting project management that introduces relevant concepts, practices, and tools in an effective project management solution. Aligned with common business practices, Gerard Hill’s method demonstrates how to develop project plans, keep on schedule, manage budgets, maintain areas of responsibility, and evaluate a project’s progress from concept to completion. The text offers insight for customizing the methodology to meet the unique needs of individual organizations, and also:
• Presents a ready-for-use 96-tool Process Toolkit (on diskette)
• Aligns project management with common business practices that exist in most business organizations
• Offers detailed process and practice guidance for completing the essential activities of project management

Templates and Forms Aligned with the Standard for Program Management - Second Edition (2008) Ginger Levin, PMP, PgMP & Allen R. Green PMP, PgMP Includes a CD-ROM with Ready-To-Use Documents, Tools, Forms, and Templates In 2007, the Project Management Institute (PMI®) piloted the now highly sought after Program Management Professional (PgMP®) credential—reflecting the growing trend among organizations to coordinate the work done on numerous stand-alone projects. Written by two successful PgMPs, this complete guide presents a step-by-step methodology that will enable managers to seamlessly move their programs from theory to practice. Suitable for the novice as well as the seasoned professional, this detailed protocol for managing a program from initiation to closure parallels the PMI’s Standard for Program Management–Second Edition (2008). Filling the void in the program management literature, the book goes beyond the best practices listed in the PMI’s Standard to provide detailed guidance for these practices, enabling program managers in any organization to successfully coordinate any program.

Demonstrating that project management, in many ways, is business management, the author provides an exceptional foundation for creating a fine-tuned project management practice and a relevant business solution for every organization.

Recognizing that each organization has unique requirements, the templates described in the text can be customized and tailored as required through a CD-ROM that is included with this book. This unique package of ready-to-use documents, tools, forms, templates, and reports empowers program managers to bring their programs to a successful finish and deliver their intended benefits to stakeholders.

Catalog no. K10095, January 2010, 420 pp. ISBN: 978-1-4398-0154-3, $89.95 / £54.99

Catalog no. K10824, January 2010, 312 pp. ISBN: 978-1-4398-1605-9, $79.95 / £49.99


Delivering Successful Projects with TSP℠ and Six Sigma: A Practical Guide to Implementing Team Software Process℠ Mukesh Jain Microsoft, Bellevue, Washington, USA

"Finally, a book with a unique blend of quality and project management to help teams deliver high quality products on time." —Juliana Gomez, Director, Corporate Business Excellence, Microsoft Corporation

Mukesh Jain of Microsoft delves into his implementation of TSP at Microsoft India. Through this case study, he examines how teams improved the software development process by combining TSP with Six Sigma to deliver significant benefits in predictability and to dramatically increase the number of zero-defect projects. Catalog no. AU6143, 2009, 280 pp. ISBN: 978-1-4200-6143-7, $79.95 / £49.99

Global Engineering Project Management M. Kemal Atesmen Independent Consultant, Santa Barbara, California, USA

Engineering projects covering multiple countries, cultures, and standards create additional challenges for the project manager. This book aligns real-world experiences in international project management with practical project management principles. Written as a hands-on reference, it illustrates all phases of an international project with real case examples. Covering startup planning, post-project evaluation, concerns over supply management, cost containment, and intellectual property, this concise resource explains how to anticipate and prepare for the challenges that may arise. Every chapter contains a checklist to remind managers of issues they must prepare for or oversee. Catalog no. AU7393, 2008, 168 pp. ISBN: 978-1-4200-7393-5, $79.95 / £49.99

Project Management Recipes for Success Guy L. De Furia Grounded in practicality, this book explains the procedures for running a successful project and highlights the finer points of managing and controlling the project. Written specifically for those responsible for the hands-on managing of projects, it is also useful to overall program managers and senior executives. Project managers will gain the confidence that comes from following a good recipe for success. Program managers will gain a perspective on the myriad of activities their project managers must perform to achieve a well-disciplined project. Senior managers will gain a perspective of the approach necessary at the beginning of a project to reduce the number of ill-advised projects and the effort required to achieve successful projects. Catalog no. AU8240, 2009, 264 pp., Soft Cover ISBN: 978-1-4200-7824-4, $49.95 / £31.99

New!

Managing Web Projects Edward B. Farkas Jackson Heights, New York, USA

This practical, step-by-step guide to managing web-based projects demystifies even the most daunting tasks. Using proven tools, international consultant Edward B. Farkas outlines a typical project lifecycle including project integration, scope, scope change, and work breakdown structures. He addresses time, human resources, communications, and quality management. Dozens of templates, schedules, checklists, and flow charts prepare readers to become project management professionals, fully versed in and aligned with the nine knowledge areas and five processes codified by the internationally accepted standards of the Project Management Body of Knowledge (PMBOK®). Catalog no. K10273, January 2010, 401 pp. ISBN: 978-1-4398-0495-7, $59.95 / £38.99


Building a Project Work Breakdown Structure

New!

The Project Manager's Communication Toolkit

Visualizing Objectives, Deliverables, Activities, and Schedules Dennis P. Miller, PMP

Shankar Jha

Pinehurst, North Carolina, USA

Describing the challenges and opportunities of communication in a project environment, this detailed guide highlights the range of tools available to the project manager and instructs on their effective use and application. Written from a practical standpoint, this book provides the tools and best practices needed for successful communication management. It deals primarily with written communication, including plans, reports, guidelines, procedures, messages, and presentations. Using easy-to-understand language, this book highlights the various project communication tools available for use, including email and PowerPoint®.

"…explains the keys to an effective WBS through an Eight Step Process. … a unique and comprehensive volume."

Catalog no. K10497, February 2010, c. 208 pp. ISBN: 978-1-4398-0995-2, $59.95 / £38.99

Catalog no. AU6969, 2009, 264 pp., Soft Cover ISBN: 978-1-4200-6969-3, $49.95 / £31.99

– Business Economics, September 2008

This resource not only shows readers what they can do, but shows them how to do it. It provides an eight step process that facilitates the development of the work breakdown structure. The process defines the project through its deliverables and validates the initial target date by critical path analysis. The result is a clear visualization of the project’s objectives, deliverables, activities, and schedule.

New!

Leading IT Projects

PMP Exam Practice Test and Study Guide, Eighth Edition

The IT Manager's Guide Jessica Keyes

Edited by

New Art Technologies, Edgewater, New Jersey, USA

J. LeRoy Ward ESI International, Arlington, Virginia, USA

Individual projects are usually managed by project managers; however, IT managers may or may not be conversant in the field of project management. Leading IT Projects presents a complete tutorial on project management along with information on project manager skill sets. Offering a practical roadmap, this comprehensive text provides an understanding of how technology project management involves the planning, monitoring, and control of the people, processes, and events that occur as a computer system evolves from preliminary concept to operational implementation.

This rigorous study guide provides 40 multiple-choice practice questions in each of nine knowledge areas and the professional and social responsibilities domain. It also contains a composite 200-question practice test that simulates the PMP® exam. It includes fully referenced answers keyed to the five project management process groups, a complete bibliography, and a study matrix to help readers key in on areas that require further study. Using the self-examination and study tools in this book, readers can increase their chances of passing the PMP® certification exam the first time.

Catalog no. AU7082, 2009, 336 pp. ISBN: 978-1-4200-7082-8, $79.95 / £49.99

Catalog no. N10241, January 2010, Soft Cover ISBN: 978-1-890367-52-7, $59.95 / £38.99


New!

Project Management Theory and Practice Gary L. Richardson University of Houston, Texas

Structured on PMI’s Project Management Body of Knowledge (PMBOK®) standard, this book covers the theory of project management and explains how its concepts are carried out in real world projects. It translates the abstract model vocabulary and processes from A Guide to the Project Management Body of Knowledge (PMBOK® Guide), Fourth Edition into an accessible discussion that includes contemporary views and future directions. Scheduling and budgeting problems, scoping projects, and questions at the end of each chapter make this book essential reading for those seeking project management certification. Catalog no. K10496, January 2010, 578 pp. ISBN: 978-1-4398-0993-8, $89.95 / £57.99

The Strategic Project Leader: Mastering Service-Based Project Leadership Jack Ferraro Project Management Leadership Training, Manassas, Virginia, USA

“... a truly uplifting book with a self-directed plan to build leadership competencies and recommended tools for establishing compatibility.” —Dr. Tony Alessandra, author of The Platinum Rule and Charisma

Project Management of Complex and Embedded Systems Ensuring Product Integrity and Program Quality Kim H. Pries Stoneridge Electronics North America, El Paso, Texas, USA

Jon M. Quigley Volvo Trucks, Greensboro, North Carolina, USA

Featuring techniques from the Department of Defense and the automotive industry, this reference explains how to deliver a reliable, complex system or product to market. The book provides a step-by-step tutorial on how to secure quality in complex products by incorporating various techniques for embedded software development. Each step in the development process is covered in detail with supplementary case studies that illustrate potential challenges in each phase of development and provide a base for deriving future solutions. Catalog no. AU7205, 2009, 376 pp. ISBN: 978-1-4200-7205-1, $89.95 / £57.99

Bestseller!

Effective Opportunity Management for Projects Exploiting Positive Risk David Hillson Risk Doctor & Partners, Petersfield, UK

The practical framework outlined in this book will enable project managers to take charge of their career development and master the role of strategy leader. It explores the attitudes and behaviors of successful leaders to provide project managers with actionable advice on how to foster leadership skills.

With step-by-step guidelines, this bestselling reference discusses the management of project opportunities by expanding the traditional risk management process to address opportunities alongside threats. It offers valuable tools and techniques that expose and capture opportunities, minimize threats, and deal with all types of uncertainty in your business and projects. Written by an experienced consultant and risk management specialist, this guide emphasizes that risk processes must cover both opportunities and threats if they are to assist in accomplishing project objectives and maximizing business benefits.

Catalog no. AU8794, 2008, 368 pp. ISBN: 978-0-8493-8794-4, $79.95 / £49.99

Catalog no. DK2925, 2004, 340 pp. ISBN: 978-0-8247-4808-1, $164.95 / £92.00

"By emphasizing the leading of people and providing a roadmap for personal development, Ferraro has created an interesting and practical book." – SciTech Book News, May 2008


Determining Project Requirements

A Standard for Enterprise Project Management

Hans Jonasson JTC Unlimited, Shelby Twp., Michigan, USA

Michael S. Zambruski TBA&P, LLC, Cheshire, Connecticut, USA

From enterprise vision and mission to business requirements, project initiation, and management, this practical guide explains each of the basic elements needed for project success and integrates them into a balanced life-cycle continuum. It includes a decision tree for determining the most appropriate level of project documentation, describes an integrated risk management and escalation policy, and contains more than two dozen templates and completed samples of key project management tools. The author also offers a color version of the book with bonus items on a CD-ROM. Catalog no. AU7245, 2009, 128 pp., Soft Cover ISBN: 978-1-4200-7245-7, $79.95 / £49.99

Bestseller!

“…presented in a way that not only provides the reader with a comprehensive reference text, but also a valuable learning experience with its examples, activities and solutions. … recommended reading for anyone involved in today’s world of business analysis!” —Glenn R. Brûlé, IIBA Chair, International Business Development

Determining Project Requirements provides a generalized set of repeatable processes designed to ensure communication between the customer and the developer. It uses a fictional example to demonstrate the range of general techniques. It also includes built-in exercises, best practices, tools and templates, customizable solutions, and two different examples of the Business Requirements Document. Catalog no. AU4502, 2008, 320 pp. ISBN: 978-1-4200-4502-4, $62.95 / £39.99

Effective Communications for Project Management

The Complete Project Management Office Handbook

Ralph L. Kliem, PMP

Second Edition

Senior Project Manager, Fortune 500 Firm

Gerard M. Hill

This second edition of The Complete Project Management Office Handbook extends the concepts and considerations of modern project management into the realm of project management oversight, control, and support. Recognizing the need for a centralized organizational entity — the project management office (PMO) — to perform in this capacity, this book considers five stages of PMO along a competency continuum, establishing the depth of its functional responsibility. This revised edition also presents twenty functional models that can be used to guide deliberation and development of PMO operational capability.

This book examines elements of the communications process and describes the role that the Project Management Information System (PMIS) has in helping project managers become better communicators. In addition to describing how personality affects communications, the book details the seven elements of effective communications: applying active and effective listening; preparing the communications and establishing an issues management process; drafting and publishing documentation; conducting meetings; giving effective presentations; developing and deploying a project website; and building a project war room. Each chapter contains examples and checklists that can be adapted to the reader’s environment.

Catalog no. AU4680, 2008, 752 pp. ISBN: 978-1-4200-4680-9, $89.95 / £57.99

Catalog no. AU6246, 2008, 240 pp. ISBN: 978-1-4200-6246-5, $73.95 / £46.99

Principal, Hill Consulting Group, Woodbridge, Virginia, USA


Software Engineering & Development New!

Applied Software Product Line Engineering Edited by

Kyo C. Kang, Vijayan Sugumaran, and Sooyong Park In recent years Software Product Line (SPL) has drastically increased the productivity of IT-related industries — with many more improvements possible. This handbook details various aspects of SPL implementation in different domains, while documenting best practices with regard to system development. Expert contributors from academia and industry come together to focus on core asset development, product development, and management. They address the process, technical, and organizational issues needed to meet the demand for information in what is becoming a global paradigm shift. Catalog no. AU6841, January 2010, 561 pp. ISBN: 978-1-4200-6841-2, $89.95 / £57.99

New!

Handbook of Enterprise Integration Mostafa Hashem Sherif AT&T, Tinton Falls, New Jersey, USA

Bringing together the latest research and application results, this book provides a clear and comprehensive understanding of systems integration technologies, architectures, applications, and project management techniques involved in enterprise system integration. The text includes coverage of mobile communications, standards for integrated manufacturing and e-commerce, RFID, Web-based systems, and complete service-oriented enterprise modeling and analysis. Practitioners will benefit from insights on managing virtual teams and management techniques for introducing complex technology into businesses. Covering best practices in enterprise systems integration, the text highlights applications across various business enterprises and includes case studies. Catalog no. AU8216, January 2010, 728 pp. ISBN: 978-1-4200-7821-3, $99.95 / £63.99

New!

Strategic Data Warehousing

New!

Achieving Alignment with Business

Enterprise-Scale Agile Software Development

Neera Bhansali

James Schiel

iMEMS Corp.

Danube Technologies, Pennsylvania, USA

The organization of data warehouses is a vital but often ignored aspect of growing enterprises. This work merges technological know-how with managerial practices to show the business manager and the IT professional how better alignment between data warehouse plans and business strategies can lead to a successful data warehouse adoption that can support the entire infrastructure. This complete resource addresses the managerial and strategic aspects of data warehouses, offering solutions that will allow for the strategic alignment of these warehouses while building them and ensuring that this alignment is sustained.

Written for organizations attempting to convert their transitional development practices to agile, this book is organized into chapters sequenced to match the typical progression. Drawing on his experience in transitioning a 1400-person organization to agile development, the author provides the information and tools that will enable readers to consider potential outcomes and make the best choices for their unique situation. The content is based on the use of Scrum as an organizational framework and on XP practices used to define how software is written and tested.

Catalog no. AU3945, January 2010, 224 pp., ISBN: 978-1-4200-8394-1, $69.95 / £44.99

Catalog no. K10179, January 2010, 382 pp., ISBN: 978-1-4398-0321-9, $89.95 / £57.99


New!

Software Testing as a Service

Manage Software Testing

Ashfaque Ahmed SCM Consulting, Bhilai, Chhattisgarh, India

Peter Farrell-Vinay

Software Testing as a Service explains, in simple language, how to use software testing to improve productivity, reduce time to market, and reduce costly errors. It explains how the normal functions of manufacturing can be applied to commoditize the software testing service to achieve consistent quality across all software projects. This up-to-date reference reviews different software testing tools, techniques, and practices. It provides succinct guidance on how to estimate costs, allocate resources, and make competitive bids. Replete with examples and case histories, this resource illustrates how proper planning can lead to the creation of software that is head and shoulders above the competition. Catalog no. K10002, January 2010, 228 pp., ISBN: 978-1-4200-9956-0, $79.95 / £49.99

Building and Maintaining a Data Warehouse Fon Silvers Data Warehouse Analyst and Developer, Tampa, Florida, USA

Based on a foundation of industry-accepted principles, Building and Maintaining a Data Warehouse provides an easy-to-follow approach that is cohesive and holistic. By offering the perspective of a successful data warehouse, as well as that of a failed one, the author details factors that must be accomplished and those that are best avoided. He looks at areas of a data warehouse individually and in sequence, showing how each piece becomes a working part of the whole. The book examines the concepts and principles common to every successful data warehouse, and explains how to recognize and attend to problematic gaps in an established data warehouse. Catalog no. AU6462, 2008, 328 pp. ISBN: 978-1-4200-6462-9, $79.95 / £49.99


Showing test managers what to focus on strategically, tactically, and operationally, this book provides a comprehensive guide to all aspects of test management. It covers unit, system, and non-functional tests with examples on how to estimate the number of bugs expected to be found, the time required for testing, and the date when a release is ready. Using a risk-based approach, the author addresses a range of questions about software products under development. This text shows test managers how to develop a basis to assess software team processes and achievements. Catalog no. AU9383, 2008, 600 pp. ISBN: 978-0-8493-9383-9, $99.95 / £63.99

The Method Framework for Engineering System Architectures Donald G. Firesmith, Peter Capell, Dietrich Falkenthal, Charles B. Hammons, DeWitt T. Latimer IV, and Tom Merendino Offering a practical way to generate effective system architecture engineering methods, this volume addresses the entire range of systems architecture including hardware, software, subsystems, and systems of systems. It defines a set of architectural roles and provides a repository of reusable architectural engineering process components to develop high-quality system architectures. It examines a cohesive set of tailorable tasks for producing associated architectural work products and establishes recommended industry practices for engineering the architecture of software-intensive systems. Catalog no. AU8575, 2009, 512 pp. ISBN: 978-1-4200-8575-4, $79.95 / £49.99


Coming Soon!

Essential Software Testing A Use-Case Approach Greg Fournier

Process Improvement and CMMI for Systems and Software

Enlighten Solutions, Colorado Springs, USA

Ron S. Kenett

Utilizing case-driven techniques that are appropriate for any software development project, this manual communicates a realistic approach to efficient and effective software testing. Covering basic testing concepts and employing a hands-on approach, the book shows how to determine what to test, how to select proper tests, and how to perform the actual tests. It discusses techniques for building and tracing tests and demonstrates how to conduct and record results. The methods presented in this handbook are equally accessible to testers, software managers, and developers.

Emanuel Baker

Catalog no. AU9811, 2009, 280 pp., Soft Cover ISBN: 978-1-4200-8981-3, $59.95 / £38.99

New!

KPA, Ltd., Raanana, Israel Process Strategies, Inc., Los Angeles, California, USA

Process Improvement and CMMI for Systems and Software provides readers with a workable approach for achieving cost-effective process improvements for systems and software. It details a methodology for assessing the status of a development or maintenance process and lays out an effective plan for achieving process improvements. This practical resource supplies examples of measures and metrics that can be useful for establishing baselines and for monitoring process improvement projects. Catalog no. AU6050, March 2010, c. 428 pp. ISBN: 978-1-4200-6050-8, $69.95 / £44.99

Second Edition of a Bestseller!

Secure and Resilient Software Development

Interpreting the CMMI®

Mark S. Merkow & Lakshmikanth Raghavan

Margaret K. Kulpa & Kent A. Johnson

Many software books available highlight the problems with current software development but few provide actionable, ground-level solutions. Covering the entire secure software development life cycle, this book presents quality software development strategies and practices. It stresses resilience requirements with precise, actionable, and ground-level inputs that connect directly with their creators. The text helps developers understand fundamental problems and provides them with best practices, principles, design methodology, programming guidance, and testing practices. Catalog no. K11327, February 2010, c. 304 pp. ISBN: 978-1-4398-2696-6, $79.95 / £49.99

A Process Improvement Approach, Second Edition AgileDigm, Inc., Ormond Beach, Florida, USA

Taking a broad approach, this second edition of a bestseller thoroughly examines the CMMI. The text first clarifies the concept of process improvement, makes the case for how and why to employ CMMI, and outlines its structure. It then provides an overview of the process areas, supported by real-world display tables, templates, and charts designed to aid organizations in their improvement efforts. Subsequent sections address measurement issues including basic metrics, statistical process control, and high maturity concerns. Catalog no. AU6052, 2008, 424 pp. ISBN: 978-1-4200-6052-2, $69.95 / £44.99


Architecting Software Intensive Systems

Effective Software Maintenance and Evolution

A Practitioners Guide

A Reuse-Based Approach

Anthony J. Lattanze Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

Stanislaw Jarzabek

Focusing on the architecture centric design method (ACDM), this book provides deep insight into designing software architectures for systems and how to effectively use architectural design artifacts once created. The text describes how to integrate ACDM with existing organizational structures and processes. The author demonstrates how to tailor defined software process frameworks and methodologies to ACDM in order to design the architecture for a software intensive system. The chapters offer practical guidelines for the general iterative model, the general waterfall model, the rational unified process, the team software process, scrum, and extreme programming.

With software maintenance costs averaging 50% of total computing costs, it is necessary to have an effective maintenance program in place. This book explores program analyzers, reverse engineering tools, and reengineering tools in depth and explains the best ways to deploy them. It also discusses using XML-based tools, the roles of software components, object technology, and metaprogramming in improving systems maintenance. It also explains how to align software with business goals through strategic maintenance.

National University of Singapore

Catalog no. AU4569, 2009, 416 pp. ISBN: 978-1-4200-4569-7, $79.95 / £49.99

Software Testing A Craftsman's Approach, Third Edition

Catalog no. AU3592, 2007, 424 pp. ISBN: 978-0-8493-3592-1, $83.95 / £53.99

Implementing Electronic Document and Record Management Systems Azad Adam Independent Consultant, London, UK

A bestseller in its first two editions, Software Testing: A Craftsman’s Approach, Third Edition has been thoroughly revised and updated to highlight issues such as how Agile and XP development environments have changed the role of software testers. Coverage includes model-based and test-driven development, reexamination of all-pairs testing, and explanation of the four contexts of software testing. The author provides new downloadable programs that demonstrate white-box, black-box, and other fundamental types of testing.

Despite the global shift toward delivering services online, there is little information available on how to electronically deliver documents and records. Implementing Electronic Document and Record Management Systems addresses this need, as well as the host of issues related to paperless enterprises. From starting up the project to systems administration, this book provides complete coverage of every aspect of implementation and management processes. The text also explains managing cultural changes and business process re-engineering that organizations undergo as they switch from paper-based records to electronic documents. Case studies offer a practical look at successful real-world implementations.

Catalog no. AU7475, 2008, 440 pp. ISBN: 978-0-8493-7475-3, $99.95 / £63.99

Catalog no. AU8059, 2008, 280 pp. ISBN: 978-0-8493-8059-4, $93.95 / £59.99

Paul C. Jorgensen Grand Valley State University, Allendale, Michigan, USA


“… an extensive, scholarly, professional level resource to the practical applications of electrical engineering technology for telephones, communication networks, data recording, source compression, and much more. … strongly recommended as being an utterly exhaustive reference resource which is packed from cover to cover with extensive in-depth science and technical applications.” —Michael's Bookshelf From acoustic communications and data compression to optical fibers and wireless sensor networks, the Encyclopedia of Wireless and Mobile Communications provides a substantial overview of more than 200 essential topics in the wireless communications field. Presented in three easily searchable volumes written by global experts, this bestselling encyclopedia offers a complete range of fundamental and advanced issues in telecommunications.


SAVE 15%!

Use this Promo Code when ordering to

6000 Broken Sound Parkway, NW, Suite 300 Boca Raton, FL 33487, USA


For a complete list of IT Management, Systems, and Security titles please visit www.crcpress.com
