it management

MBCITM0 5.5x8.5 MC:MBCITM0 MC 5.5x8.5 1/8/10 3:47 PM

http://www.crcpress.com/product/isbn/9781439806807




Contents

IT Management ................................................3

Security Management ....................................10

Project Management ......................................22

Software Engineering & Development ............27

Encyclopedia of Wireless and Mobile Communications ................................31

Want to maximize your buying power?

Order direct from our online store and

Receive FREE Standard Shipping

with every order big or small.

Visit us at www.crcpress.com

to view more information and

complete tables of contents

for these and many other related books.

Page 4 Page 17

Page 5 Page 19

Page 14 0

MBC

ITM

0 M

C_1.

0810

gtr

MBCITM0 5.5x8.5 MC:MBCITM0 MC 5.5x8.5 1/8/10 3:47 PM Page 2







3

IT Management

For more information and complete contents, visit www.crcpress.com

New!CloudComputingImplementation,Management, andSecurityJohn W. RittinghouseHypersecurity LLC, Houston,Texas, USA

James F. Ransome

Providing the knowledge necessary to makeinformed, decisions regarding cloud initiatives,Cloud Computing: Implementation, Manage-ment, and Security provides an understandingof what cloud computing really means, exploreshow disruptive it may become in the future, andexamines its advantages and disadvantages.

The authors first discuss the evolution of com-puting from a historical perspective, focusingprimarily on advances that led to the develop-ment of cloud computing. They then surveysome of the critical components that are neces-sary to make the cloud computing paradigmfeasible. They also present various standardsbased on the use and implementation issues sur-rounding cloud computing and describe theinfrastructure management that is maintainedby cloud computing service providers.

After addressing significant legal and philosoph-ical issues, the book concludes with a hard lookat successful cloud computing vendors. Helpingto overcome the lack of understanding prevent-ing even faster adoption of cloud computing,this book arms readers with guidance essentialto make smart, strategic decisions on cloud ini-tiatives.

Contents:Evolution of Cloud Computing. Components.Standards. Systems. Legal Issues. CloudVendors to Watch. Future Directions of CloudComputing. Day-to-Day Management IssuesRunning a Cloud Environment. References.External Links.

Catalog no. K10347, January 2010, 340 pp.ISBN: 978-1-4398-0680-7, $79.95 / £49.99

New!

The SIM Guideto EnterpriseArchitectureEdited by

Leon A. KappelmanUniversity of North Texas,Denton, USA

"… the best and most comprehensive book that Ihave seen on this critically important topic ..."

— Ed Trainor, CIO & Senior Vice President, IS, Amtrak

"The best in the field bringing clarity to EA." — Joe Tenczar, Sr. Director of Technology/CIO,

Hard Rock International

"A compelling book co-authored by the "who’swho" in the EA space. … an excellent source forreal world, practical insight and ideas."

— Michael Rapken, CIO and Executive Vice President,YRC Worldwide, Inc.

Enterprise architecture is leading IT’s way to theexecutive boardroom, as CIOs are now takingtheir place at the management table.Organizations investing their time, money, andtalent in enterprise architecture (EA) have real-ized significant process improvement and com-petitive advantage. However, as these organiza-tions discovered, it is one thing to acquire agame-changing technology but quite another todiscover ways to use it well.

A project of the Society for InformationManagement’s Enterprise Architecture WorkingGroup and edited by Leon A. Kappelman, thisvolume provides insights from leading authori-ties on EA, including John Zachman, LarryDeBoever, George Paras, Jeanne Ross, and RandyHite. It supplies a solid understanding of keyconcepts for effectively leveraging EA toredesign business processes, integrate services,and become an Information Age enterprise.Beginning with a look at current theory andframeworks, the book discusses the practicalapplication of enterprise architecture andincludes a wealth of best practices, resources,and references. It contains the SIM survey of ITorganizations’ EA activities, which providesimportant metrics for evaluating progress andsuccess.





4 SAVE 15% when you order online at www.crcpress.com

IT Management

New!

Measuring andImprovingPerformanceInformationTechnologyApplications in Lean SystemsJames William MartinSix Sigma Integration, Inc., Rehoboth, Massachusetts, USA

This work explains how the effective use of Leanproject management methodologies canincrease the productivity of information systemdeployment in service and manufacturingorganizations. Starting with an overview of Leanand agile project management principles, theauthor walks readers through the implementa-tion of Lean practices across key aspects of ITsystems.

Created to provide Lean and Six Sigma practi-tioners with a clear understanding of importantconcepts related to the creation and modifica-tion of software to support process improve-ment activities, this reference:

• Details how to apply Lean principles to IT systems on a global scale

• Explains how to design IT systems capable ofmeeting evolving customer needs and expectations

• Covers several project management methodsincluding agile project management (APM),agile unified process (AUP), SCRUM, extremeprogramming (EP)

• Identifies the operational issues that can helpproject execution and those that can hinder it

Complete with roadmaps and checklists, thisbook will help busy professionals discover moreefficient ways to monitor business activity, gath-er business intelligence, manage and analyzebusiness processes, and ultimately—increaseoperational efficiency.

Catalog no. AU4186, January 2010, 280 pp.ISBN: 978-1-4200-8418-4, $49.95 / £31.99

A Guide to Lean Six SigmaManagementSkillsHoward S. GitlowUniversity of Miami, CoralGables, Florida, USA

Authored by one of the mostrespected Six Sigma MasterBlack Belts, this well-organized volume demon-strates the implementation of quality improve-ments into all areas of the workplace—from theshop floor to a company’s executive offices.Illustrating concepts with a number of case stud-ies, the author provides a compelling argument asto why Six Sigma should be the preferredapproach. The book explains how to build anorganization that encourages and values the inputof quality team — detailing the steps required toimplement and maintain lean initiatives.

Catalog no. AU416X, 2009, 166 pp.ISBN: 978-1-4200-8416-0, $44.95 / £24.99

New!

Lean Six SigmaSecrets for the CIOWilliam BentleyPeter Davis & Associates,Georgia, USA

Peter T. DavisPeter Davis & Associates,Toronto, Ontario, Canada

"… Bill and Peter deliver the tools you need todig below the surface and get to the root of effi-ciency matters …" —Connie Siewert, Business Development Manager, IBM

"A thorough yet manageable treatise on virtual-ly all the popular methods for improvement ..." — Tom Guthrie, VP of Enterprise Architecture, Cox

Communications

Lean Six Sigma Secrets for the CIO suppliesproven tips and case studies that illustrate howto combine Six Sigma’s rigorous quality princi-ples with Lean methods for uncovering andeliminating waste in IT processes. Savvy IT veter-ans describe how to use Lean Six Sigma with ITgovernance frameworks such as COBIT and ITIL.






5

IT Management


New!

The ExecutiveMBA forEngineers and ScientistsJames J. FarleyConsultant, Savannah, Georgia, USA

These days, technical merit and hard work aloneno longer guarantee upward mobility for capa-ble scientists and engineers. For those with aspi-rations of moving up the corporate ladder, akeen grasp of business basics is a must.

Presenting concepts in an easily accessible man-ner, The Executive MBA for Engineers andScientists covers the business principles andapplications that today’s technical managersneed to know. The book touches upon all theessentials, including marketing, sales, finance,manufacturing, and accounting. It details tech-nical considerations including quality control,technical services, and R&D, and highlights howto effectively integrate business concepts withtechnical considerations. Examples based on theauthor’s experience working in the pharmaceu-tical industry and with the U.S. Food and DrugAdministration illustrate how similar situationscan occur in other industries and explain how tosolve these problems using the same techniques.

This easy-reading reference not only facilitatesthe understanding required of technical profes-sionals but also provides a time-saving resourcefor upwardly mobile sales, marketing, and man-ufacturing professionals who need to expandtheir knowledge of technical functions.


New!

The DecisionModelA Business LogicFramework LinkingBusiness andTechnologyBarbara von Halle &Larry GoldbergKnowledge Partners International, Mendham, New Jersey, USA

“… one of the classic books of a new era in com-puting …”

—Opher Etzion, IBM Research Laboratory

“… covers the full spectrum of what you need toknow when adopting decision management.”

—Carole-Ann Matignon, FICO

Written by pioneering consultants and best-selling authors, this book explains how to imple-ment the Decision Model — a stable, rigorousmodel of core business logic that informs cur-rent and emerging technology. The authors sup-ply a strong theoretical foundation, while suc-cinctly defining the path needed to incorporateagile and iterative techniques for developing amodel that will be the cornerstone for continualgrowth.

The Decision Model provides a framework fororganizing business rules into well-formed, deci-sion-based structures that are predictable, sta-ble, maintainable, and normalized. More thanthis, the Decision Model directly correlates busi-ness logic to the business drivers behind it,allowing it to be used as a lever for meetingchanging business objectives and marketplacedemands. This book not only defines theDecision Model but also demonstrates how it canbe used to organize decision structures for max-imum stability, agility, and technology inde-pendence.

Catalog no. AU2817, January 2010, 553 pp,ISBN: 978-1-4200-8281-4, $59.95 / £36.99





IT Management

BusinessProcessManagementSystemsStrategy andImplementationJames F. ChangIvy Consultants, Austin, Texas, USA

“… covers almost every aspect of the field andprovides definitions and summaries of variousBPM concepts… a good resource for those whoare interested in BPMS and are involved withintegrating data, systems, and people.”

� Karthikeyan Umapathy, The Pennsylvania StateUniversity, in Information Technology and People,

Vol. 19, No. 2

With a focus on strategy and implementation,this popular reference discusses business man-agement practices and the technology thatenables them. It analyzes the history of processmanagement practices.Catalog no. AU2310, 2006, 304 pp.ISBN: 978-0-8493-2310-2, $93.95 / £59.99

The BusinessValue of ITManaging Risks,OptimizingPerformance, andMeasuring Results

Michael D.S. Harris,David Herron, & Stasia IwanickiThe David Consulting Group, Paoli, Pennsylvania, USA

“An excellent reference for the CIO and for the linemanager seeking to engage the business with thetransparency into the investment and cost equa-tion they demand to justify the cost of IT.”

Mike Antico, CTO, Wolters Kluwer, New York, USA

Examining how to put a dollar value on IT andjustify the value of an IT program, this book placessharp technical focus on the techniques, meth-ods, and processes used to identify and assessrisks. Based on the authors’ extensive experience,the book discusses IT from the perspective of itscontribution to business, the necessity of gover-nance, the importance of measuring perform-ance, and the changes that must be made toeffectively measure performance.

Catalog no. AU6474, 2008, 296 pp.ISBN: 978-1-4200-6474-2, $69.95 / £44.99

New!

Marketing ITProducts andServicesJessica KeyesNew Art Technologies,Edgewater, New Jersey, USA

Includes a CD-ROM withTime-Saving Templates and Forms

In this volume, Jessica Keyes focuses on theunique issues involved in the marketing of ITproducts and services. This one-stop resourceprovides everything needed to understand theroles, responsibilities, and management tech-niques essential for the development of successfulstrategies. The accompanying CD-ROM providesreaders with numerous time-saving templatesand forms, including customer and competitoranalysis surveys, sample press releases, letters ofagreement, demographic and target marketworksheets, and cost benefit forms.


ServiceOrientedEnterprisesSetrag KhoshafianPegasystems, Inc., Cambridge,Massachusetts, USA

This comprehensive resourcecovers all the components,issues, standards, and tech-nologies that create a service-oriented enterprise.Filled with real-world examples, Service OrientedEnterprises provides readers with innovative, yetpractical, solutions. Readers are guided througheach step of the development process, from analy-sis and design to content and portal integrationand service management. The book also high-lights business processes and business rules in thecontext of web services and service-oriented com-puting.







7

IT Management


MobileEnterpriseTransition andManagementBhuvan UnhelkarConsultant, Wahroonga,Australia

Emerging Best Practices, Case Studies,and Examples of Successful Transitions

"… intertwines the wide and varying dimensionsof economy, technology, process, and sociologytogether in a comprehensive and cohesiveapproach to ensure successful transitions andmanagement of mobile business."

—Edward Yourdon, Computer Hall of Fame Inductee

Addressing the rapid evolution of global com-munications, Mobile Enterprise Transition andManagement provides step-by-step guidanceon how to configure, enact, and manage theprocess of integrating mobile technology withinyour organization. The mobile enterprise transi-tion (MET) process presented considers inputfrom the four significant dimensions of anorganization—economic, technical, process,and social—making it a well-rounded and com-plete process.

Based on extensive research, literature review,and practical experimentation in METs, thiscomprehensive text presents emerging bestpractices, exhaustive case studies, and examplesof successful transitions. It also provides detailedreferences, and a glossary of key terms and com-monly used acronyms.

Whether you are an engineer, network manager,business manager, or other decision maker, thisbook will show you how to develop customizedintegration strategies to achieve the competitiveadvantages that today’s mobile innovationsmake possible.


EnterpriseSystems Backupand RecoveryA CorporateInsurance Policy

Preston de GuiseIDATA Pty Ltd., Sydney, Australia

Instead of focusing on any individual backupproduct, this book recommends corporate pro-cedures and policies needed to establish com-prehensive data protection—regardless of theoperating or backup systems in place.

The text provides techniques for analyzing andimproving current backup system performance.After reviewing the concepts in this book, read-ers will understand:

• Terminology and concepts unique to backupsoftware

• Features and functionality found in a backupenvironment

• Protocols to monitor and improve the performance of backup systems

By utilizing the information in this book, organi-zations can take a step toward improving securi-ty and preventing the devastating loss of dataand business revenue that can occur with poor-ly constructed or inefficient systems.

Contents:Human and Technical Layers. Backup andRecovery Concepts. Backup. Documentationand Training. Performance Options, Analysis,and Tuning. Recovery. Protecting the BackupEnvironment. Problem Analysis. BackupReporting. Choosing a Backup Product. BestPractices. Appendix A: Technical Asides.Appendix B: Sample Recovery Request Form.Appendix C: Sample Test Form. Appendix D:Glossary of Terms.

Catalog no. AU6396, 2009, 308 pp., Soft CoverISBN: 978-1-4200-7639-4, $69.95 / £44.99





IT Management

Coming Soon!

Green ITRex MausExmar Offshore Company, Texas, USA

Functioning as a complete guide to green strate-gies, this book covers the fundamental informa-tion that managers and CIOs need to know tocreate a green IT strategy. It provides the toolsand strategies necessary for making cost effec-tive decisions that minimize the impact on theenvironment for new and existing facilities. Theadaptive strategies described focus on the rea-sons to implement, business impact, and costand benefit to the enterprise.

This forward-looking reference showcases 13specific initiatives and also:

• Provides a checklist for managers looking totransition to greener IT management

• Addresses green issues throughout the ITlifecycle

• Includes cost-effective solutions for new andexisting facilities

• Covers global requirements and standards formultinational companies

• Reviews the unintended consequences andmyths of commonly accepted solutions

• Proposes future strategies that IT managerswill be expected to follow in coming years

Contents:Introduction—Description of "Green"Description of Strategies. Implementors—5 W’sDescribing. Adoptive Strategies—Data Centers.Adoptive Strategies—Enterprise. Future Forecastand Strategies. Summary. Appendix/Glossary.

Catalog no. K10191, April 2010, c. 270 pp.ISBN: 978-1-4398-0342-4, $69.95 / £44.99

The Green andVirtual DataCenterGreg SchulzStorageIO Group, Stillwater,Minnesota, USA

“…an excellent primer for those wanting tounderstand how to create data centers for thisnew paradigm."

–Kurt Marko, in Processor, March 2009

" … extremely well organized and easy to follow.… could easily serve as a blueprint for organiza-tions to follow when they look for ideas on howto design new data centers. It's a great additionto an IT Bookshelf."

—Dr. Steve Guendert, Global Solutions Architect,Brocade Communications

“… doesn’t really pass judgment on whether ornot you should re-adjust your IT initiativesaround some greener-good agenda. He’s focusedmoreso on illustrating how some of the technolo-gies you’re already considering for the good ofyour business – virtualization, blade platforms,cloud computing power management – mightotherwise be pretty cool for the environment,too."

– Heather Clancy, Green Tech Pastures, in ZDNet, February 2009

This book provides strategies and blueprints forenabling and deploying environmentally friend-ly next-generation data centers. It looks atdesign and implementation tradeoffs using vari-ous best practices and technologies to sustainapplication and business growth while maximiz-ing resources, including power, cooling, floorspace, storage, server performance, and net-work capacity. The book also explores perform-ance and capacity planning in a virtual environ-ment that supports resource-demanding appli-cations such as OLTP and streaming media.





9

IT Management


Best Practicesin BusinessTechnologyManagementStephen J. AndrioleVillanova University,Pennsylvania, USA

Discussing specific best practices, this bookoffers qualitative and quantitative methods,tools, and techniques for deploying and sup-porting all kinds of information technology. Itidentifies the range of technology decisions thatmanagers make and the best practices thatdefine good acquisition, deployment, and sup-port decisions, all in an easy-to-absorb, conver-sational tone. The book covers the interrelatedbusiness technology alignment areas of businessstrategy as well as technology applications,architecture, infrastructure, support, acquisition,and organization. Each section ends with a sum-mary of actionable best practices.


EnterpriseArchitecture A to ZFrameworks,Business ProcessModeling, SOA, andInfrastructureTechnology

Daniel MinoliSES Americom, Princeton, New Jersey, USA

Enterprise Architecture A to Z examines cost-saving trends in architecture planning, administra-tion, and management. The text begins by evalu-ating the role of Enterprise Architecture planningand Service-Oriented Architecture (SOA) model-ing. It provides an extensive review of the mostwidely deployed architecture framework modelsincluding The Open Group Architecture andZachman Architectural Frameworks — as well asformal architecture standards. The first part of thetext focuses on the upper layers of the architectureframework, while the second covers technologyarchitecture.

Catalog no. AU8517, 2008, 512 pp. ISBN: 978-0-8493-8517-9, $79.95 / £49.99

KnowledgeRetentionStrategies andSolutionsJay LiebowitzJohns Hopkins University,Rockville, Maryland, USA

Devised to help organizations that are dependenton the accumulated knowledge of stakeholders,this book details a proactive approach to knowl-edge retention. Written by one of the mostsought after knowledge management experts,this text explains how to identify at risk knowl-edge areas, and demonstrates how to keep thoseareas from becoming knowledge vacuums. Toreinforce his points, the book contains case stud-ies from The Aerospace Corporation, Chevron,and Knowledge Harvesting, Inc., which havebecome models for the implementation of knowl-edge retention strategies.


The Effective CIOHow to AchieveOutstanding Successthrough StrategicAlignment, FinancialManagement, and IT GovernanceEric J. BrownNCI Building Systems, TheWoodlands, Texas, USA

William A. Yarberry, Jr.ICCM Consulting, Houston, Texas, USA

Unlike other books that merely discuss strategiesimportant to the chief information officer, this vol-ume explains how the guidelines it recommendscan be executed. The author provides a survey ofexisting strategies and includes detailed problem-solving ideas. The book brings together two per-spectives: that of a working CIO who must copewith the day-to-day pressure for results and that ofan IT auditor focused on governance and internalcontrol. Examples, charts, templates, and anec-dotes supplement the material.








Security Management

Information Security Management HandbookSixth Edition

Available in print or on CD-ROMEdited by

Harold F. TiptonHFT Associates, Villa Park, California, USA

Micki Krause NozakiPacific Life Insurance Company, Newport Beach, California, USA

Considered the gold-standard reference on information security, and now in its sixth edition, theInformation Security Management Handbook is organized under the CISSP® Common Body ofKnowledge (CBK) domains. This handbook has become the standard on which all IT security programsand certifications are based. It provides a compilation of the fundamental knowledge, skills, techniques,and tools required by all IT security professionals.

InformationSecurityManagementHandbookSixth Edition, Volume 3

Catalog no. AU0925,2009, 392 pp.ISBN: 978-1-4200-9092-5, $99.95 / £60.99

InformationSecurityManagementHandbookSixth Edition, Volume 2


Bestseller!

InformationSecurityManagementHandbookSixth Edition

Now in its sixth edition, the 3200-page printversion continues to be updated yearly. Volumes2 and 3 are stand-alone references that reflectchanges to the Common Body of Knowledgemade in response to changing technologies andlaws in different countries and regions.


Get all three volumes and moreon a single CD-ROM

Information Security Management Handbook, 2009 CD-ROM Edition

Containing the complete contents of the original 3200-page handbook plus the updates of Volumes 2and 3, this portable reference is linked, searchable by keyword, and organized under the CISSP®

Common Body of Knowledge (CBK) domains. The CD-ROM contains an extra volume's worth of infor-mation—including chapters from security and networking books that you simply won’t find anywhereelse. Exportable text and hard copies are available at the click of a mouse.

Catalog no. AU0984, January 2010, CD-ROM, ISBN: 978-1-4200-9098-7, $159.95 / £97.00

BestOffer!






11

Security Management


Oracle IdentityManagementGovernance, Risk,and ComplianceArchitecture, Third Edition

Marlin B. PohlmanOracle Corporation, RedwoodShores, California, USA

Written by a director with Oracle who is recog-nized as one of the primary educators worldwideon identity management, regulatory compli-ance, and corporate governance, this is thedefinitive guide for corporate stewards strug-gling with the challenge of meeting regulatorycompliance pressures.

In the book’s first chapters, Dr. Pohlman exam-ines multinational regulations and delves intothe nature of governance, risk, and compliance.He also cites common standards, illustrating anumber of well-known compliance frameworks.He then focuses on specific software compo-nents that will enable secure business opera-tions. To complete the picture, he discusses ele-ments of the Oracle architecture, which permitreporting essential to the regulatory complianceprocess, and the vaulting solutions and datahubs, which collect, enforce, and store policyinformation.

Examining case studies from the five most regu-lated business verticals — financial services,retail, pharma-life sciences, higher education,and the U.S. public sector — this work teachescorporation stewards how to:

• Attain and maintain high levels of integrity • Eliminate redundancy and excessive expense

in identity management • Map solutions directly to region and legislation• Hold providers accountable for contracted

services

Identity management is the first line of defense inthe corporate internal ecosystem. Reconciling the-ory and practicality, this volume makes sure thatdefense is workable, responsive, and effective.

Catalog no. AU7247, 2008, 552 pp., Soft Cover,ISBN: 978-1-4200-7247-1, $69.95 / £44.99

HOWTO Secureand AuditOracle 10g and 11gRon Ben NatanCTO, Guardium Inc., Waltham,Massachusetts, USA

Oracle has more security-related functions,products, and tools than almost any other data-base engine. Unfortunately, most users are famil-iar with less than 20 percent of the securitymechanisms within Oracle. Written by one ofthe most respected and knowledgeable data-base security experts in the world, HOWTOSecure and Audit Oracle 10g and 11g showsreaders how to navigate the options, select theright tools, and avoid common pitfalls.

The text is structured as HOWTOs addressingeach security function in the context of Oracle11g and Oracle 10g. Among a long list ofHOWTOs, readers will learn how to:

• Choose configuration settings that make itharder to gain unauthorized access

• Understand when and how to encrypt data-at-rest and data-in-transit and how toimplement strong authentication

• Use and manage audit trails and advancedtechniques for auditing

• Assess risks that may exist and determine howto address them

• Make use of advanced tools and optionsincluding Advanced Security Options, VirtualPrivate Database, Audit Vault, and DatabaseVault

Providing authoritative and succinct instructionshighlighted by examples, the text also providesan overview of cryptography, covering encryp-tion and digital signatures, showing readers howOracle Wallet Manager and orapki can be usedto generate and manage certificates and othersecrets.






Security Management

New!

Official (ISC)2® Guide to theCISSP® CBK®, Second EditionEdited byHarold F. TiptonHFT Associates, Villa Park, California, USA

This officially sanctioned resource is the most up-to-date study guide available for those seekingCISSP certification. The accompanying CD-ROMincludes sample exams that simulate the actualexam, providing the same number and types ofquestions with the same allotment of time. It evengrades the exam, provides correct answers, andidentifies areas in which more study is needed.


Coming Soon!

Official (ISC)2® Guide to theCISSP®-ISSAP® CBKEdited by

Harold F. TiptonHFT Associates, Villa Park, California, USA

The Official Guide to the (ISC)² CISSP-ISSAPCBK assures competence in the six majordomains of the Information Systems SecurityArchitecture Professional (ISSAP) Concentration.Using this guide, CISSP-ISSAP candidates willunderstand the key concepts and requirementswithin the CISSP-ISSAP CBK.

Catalog no. K10073, May 2010, c. 500 pp.ISBN: 978-1-4398-0093-5, $79.95 / £49.99

Bestseller!

Official (ISC)2® Guide to theCISSP®-ISSEP® CBKEdited by

Susan Hansche, CISSP-ISSEPPEC Solutions, Fairfax, Virginia, USA

Providing an inclusive analysis of the topics cov-ered in the CISSP-ISSEP Common Body ofKnowledge, this comprehensive guide promotesa clear understanding of the four ISSEP domains.It explains ISSE by comparing it to a traditionalSystems Engineering model.


CISO LeadershipEssential Principles for SuccessEdited by

Todd FitzgeraldMilwaukee, Wisconsin, USA

Micki KrausePacific Life Insurance Company, Newport Beach,California, USA

“For those with a forward career-path in infor-mation security, CISO Leadership is a valuableguidebook. The authors' war stories can help youavoid the bumps as you go down that road. Thebreadth and depth of the experience of theauthors makes this a unique book that you canuse to further your information security career."

—Ben Rothke, Security Management


Bestseller!

Building and Implementinga Security Certification andAccreditation ProgramOFFICIAL (ISC)2® GUIDE to the CAPcmCBK®

Patrick D. HowardNuclear Regulatory Commission, USA

An officially sanctioned guide, this bestsellingvolume demonstrates the effectiveness of certifi-cation and accreditation (C&A) as a risk man-agement methodology for IT systems in publicand private organizations. It provides anoverview of C&A components, showing how todocument the status of IT security controls andsecure systems via standard, repeatable process-es. It also includes a case study of the successfulC&A implementation in a major U.S. govern-ment department.


Official (ISC)2® Guide to theSSCP® CBK®

Edited by

Diana-Lynn Contesti, Douglas Andre, Eric Waxvik, Paul A. Henry, and Bonnie A. Goins

Nowhere else are the seven domains of the CBK®

embodied more adeptly than in this popular firstedition of the Official (ISC)²® Guide to theSSCP® CBK®. In a milestone effort by (ISC)²®, fiveof the of the world's leading tacticians acknowl-edge the importance of the security implementa-tion process.









13

Security Management


Bestseller!

InformationTechnologyControl andAuditThird EditionFrederick Gallegos &Sandra SenftCalifornia State PolytechnicUniversity, Pomona, USA

Praise for the First Edition:

"...very useful for beginners as well as practition-ers …well written and presented.

— Information Systems Control Journal

Now in its third edition, this introductory refer-ence to IT governance, control, and auditingreviews pertinent legislation, discusses the futureof auditing in the 21st century, and examinesstrategy, standards, acquisition, and implementa-tion. It explores delivery and support and reviewsadvanced topics including virtual environment,virtual security, e-commerce, and enterpriseresource planning. It also includes helpful guide-lines for preparing for the CISA Exam.


InformationSecurityDesign,Implementation,Measurement, andComplianceTimothy P. LaytonGrover, Missouri, USA

Presenting an in-depth perspective of theISO/IEC 17799 Information Security Standard,this book provides a detailed analysis of how touse the standard to effectively measure an infor-mation security program. It includes a qualita-tive-based risk assessment methodology anddescribes a quantitative measurement frame-work that readers can adopt and implementwithin the risk assessment process in their ownorganization. The text devotes individual chap-ters to each of the 11 control areas defined inthe standard.


New!

Data ProtectionGovernance, RiskManagement, andComplianceDavid G. HillMesabi Group LLC, Westwood,Massachusetts, USA

Explaining how to gain ahandle on the vital aspects of data protection,this book offers a solid understanding of howdata protection fits into various organizations. Itplaces data protection in a governance, riskmanagement, and compliance (GRC) frame-work, discussing existing and emerging dataprotection technologies and how they relate toeach other. The author explores the impact ofnovel trends, including cloud computing, stor-age tiering, server virtualization, and green com-puting. He also shows how to improve the dataprotection process through the high-level PRO-Tech model. Topics covered include data reten-tion, data security, and eDiscovery.


IT Auditing andSarbanes-OxleyComplianceKey Strategies for BusinessImprovementDimitris N. ChorafasConsultant for Major Corporations,France and Switzerland

This book links two key strategies for businessimprovement — information technology audit-ing and Sarbanes-Oxley compliance. Bothrequire ethical accounting practices, focusedauditing activities, a functioning system of inter-nal control, and a close watch by the board’saudit committee and CEO. All of the conceptsare reviewed in detail and reinforced with casestudies that demonstrate the proper steps need-ed for complete analysis. Those companies thatmake good use of the procedures in this bookwill avoid the same mistakes that transformedcompanies such as Enron and Worldcom fromworld class organizations into colossal disasters.








Security Management

Bestseller!

IntelligentNetwork VideoUnderstandingModern VideoSurveillance SystemsFredrik Nilsson & AxisCommunications, Inc.Chelmsford, Massachusetts, USA

Includes a CD with Tools for Deployingand Optimizing an Installation

Providing detailed coverage of advanced digitalnetworking and intelligent video capabilities andoptimization, this book addresses general con-cepts. It explains why IP-based systems providebetter quality at a lower cost, and provides timelyinformation on cameras and DVRs. It also discuss-es frame rate control, indoor/outdoor installations,and MPEG-4 and other digital video formats.


21st CenturySecurity andCPTEDDesigning for CriticalInfrastructureProtection and CrimePreventionRandall I. AtlasAtlas Safety and Security Design,Inc., Ft. Lauderdale, Florida, USA

Written by top experts in the field, this popularreference examines recent trends in the develop-ing field of Crime Prevention throughEnvironmental Design (CPTED). Facilitatingunderstanding across diverse fields and highlyrelevant to critical infrastructure protection, itaddresses the application of CPTED to high-security environments, as well as buildings in thepublic and private sectors.


New!

IntelligentVideoSurveillanceSystems andTechnologyEdited by

Yunqian MaHoneywell International, Inc., Minnesota, USA

Gang QianArizona State University, Tempe, USA

The latest implementation of surveillance camerascalls for advanced video systems that canautonomously recognize people, detect move-ments, and identify targeted activities in real-time.In response to such demand, this book examinesthe fundamental principles of current intelligentvideo surveillance systems. The text provides acomprehensive look at the algorithmic design andsystem implementation for intelligent video sur-veillance. The authors cover computational princi-ples, system implementation issues, and practicalapplications of present and future systems.


CriticalInfrastructureUnderstanding ItsComponent Parts,Vulnerabilities,Operating Risks, andInterdependenciesTyson MacaulayCISSIP, CISA, ISSPCS, Ottawa,Ontario, Canada

Critical Infrastructure (CI) is a little understoodtopic, that seems to generate more fear thanrational discussion. Moving beyond definitions,this volume examines the iron triangle within CI:power, telecom, and finance. It introduces theconcept of CIs as industrial and enterprise riskconductors, highlighting the fact that a CI fail-ure can propagate an impact throughout anenterprise. This text rethinks the concept of a CIaccording to contemporary factors, providingguidance for mitigating risk within the frame-work of national economies.







15

Security Management


New!

Building anEnterprise-WideBusinessContinuityProgramKelley OkolitaMaster Business ContinuityPlanner (MBCP), Worcester, Massachusetts, USA

Drawing on more than two decades of experi-ence in creating continuity plans and usingthem in actual recoveries — including 9/11 andHurricane Katrina — the renowned author goesbeyond theory to provide planners with thetools to build a continuity program in any enter-prise. This book offers guidance on each step ofthe process, including how to validate the plan,and time-tested tips for keeping the plan action-ready over the course of time. This completehandbook gives planners tips for getting started,a sample plan, and information needed to sell acontinuity program to senior leadership.


CrisisManagementPlanning andExecutionEdward S. DevlinConsultant, Frazer, Pennsylvania, USA

“... provides a clear, concise, and complete lookat crisis management planning. ... provides uswith the ‘hows,’ the ‘whys,’ and the ‘whynots’...”

—Richard L. Arnold, CBCP, Publisher/Owner of theDisaster Recovery Journal

This volume begins by defining the elements of abusiness continuity plan. It then examines theprogressive stages of a crisis, the four steps need-ed to manage a crisis, and the role of the execu-tive management team. It also discusses theimportance of the crisis communications teamand explains how to establish a command center.


BusinessResumptionPlanningSecond EditionEdited byLeo A. WrobelTelLAWCom Labs, Inc., Ovilla,Texas, USA

Includes a CD with aHost of Worksheets and Audit Forms

Offering practical advice along with templates,checklists, and directions to public domain infor-mation, Business Resumption Planning,Second Edition assists in creating a solid disas-ter response and recovery plan for any sizeorganization. It presents methods for the imple-mentation and maintenance of infrastructurecontinuity planning, and offers updated tech-niques for conducting a business impact analysisand computing the probability of a disaster. Italso discusses the Sarbanes-Oxley Act.


New!

SecurityManager'sGuide toDisastersManaging ThroughEmergencies,Violence, and OtherWorkplace ThreatsAnthony D. ManleyWantagh, New York, USA

This volume examines the most significant emer-gencies that may confront those managing secu-rity, business continuity, or risk as they protectpeople and property; prevent crime, and avoid lia-bility. The book includes ways to prevent orreduce the severity of the incident, suggests howto properly interact with governmental agencies,and provides managers with a system for stabiliza-tion, recovery, and restoration.








Security Management

CISO Soft SkillsSecuringOrganizationsImpaired byEmployee Politics,Apathy, andIntolerantPerspectivesRon Collette, MichaelGentile, & Skye Gentile

This companion volume to the highly toutedCISO Handbook presents security practitionerswith tools to identify the intangible negativeinfluencers of security, and provides techniquesfor identifying, minimizing, and overcomingthese pitfalls within customized situations.

The book discusses the security constraints thatcan negatively influence a CISO and an organi-zation’s ability to secure itself — includingemployee apathy, employee myopia or tunnelvision, employee primacy, (often exhibited asoffice politics), and the infancy of the informa-tion security discipline. The authors explain whata CISO can do about these security constraints,providing numerous practical and actionableexercises, tools, and techniques to identify, limit,and compensate for the influence of securityconstraints in any type of organization.

Reflecting the experience and solutions of thosein modern organizations, this reference offersactionable solutions for identification, remedia-tion, or compensation of the constraints thatcan hinder a security program. It employsresearch and survey data to support recommen-dations and introduces the R.E.A.P. SecuritySuccess Model (Relate, Educate, Appraise andAct, and Poise). The final chapters discuss someproactive techniques that CISOs can utilize tosecure challenging work environments.

Contents:What’s Not Right. True Security Model. Apathy.Myopia. Primacy. Infancy. Tying It All Together.Closing Thoughts. Appendices. Exercises. REAPTemplates.


The CISOHandbookA Practical Guide to Securing Your Company

Mike Gentile, Ron Collette, & Tom August

The CISO Handbook: A Practical Guide toSecuring Your Company provides uniqueinsights and guidance into designing and imple-menting an information security program. Theauthors present several essential high-level con-cepts before building a robust framework thatwill enable readers to map the concepts to theircompany’s environment. The book is presentedin chapters that follow a consistent methodolo-gy—Assess, Plan, Design, Execute, and Report.

The first chapter, Assess, identifies the elementsthat drive the need for information security pro-grams. Plan discusses how to build the founda-tion of your program. Design demonstrates howto construct the policies and procedures to meetidentified business objectives. Execute empha-sizes the creation of a successful executionmodel for the implementation of security proj-ects against the backdrop of common businessconstraints. Report focuses on communicatingback to the external and internal stakeholderswith information that fits the various audiences.

Each chapter begins with an overview, followedby foundation concepts that are critical tounderstanding the material presented. Thechapters also contain a methodology sectionthat explains the steps necessary to achieve thegoals of the particular chapter. The appendixprovides readers with design chapter work-sheets, a report creation process worksheet,requirements sample, and a SDLC Checklist.





17

Security Management


New!

Risk Analysisand SecurityCountermeasureSelectionThomas L. Norman,CPP/PSP/CSCProtection Partners International,Houston, Texas, USA and Beirut, Lebanon

Explaining how to evaluate the appropriatenessof countermeasures from a cost perspective, thiswork details the five core principles of the riskanalysis lifecycle. Using numerous case illustra-tions and language that’s easy to understand, itguides readers from basic principles to complexprocesses, evaluating DHS-approved risk assess-ment methods. This complete resource includesan adaptable graphic risk analysis tool that canbe applied in public or private industry andworks with all DHS — approved methods.


Bestseller!

The SecurityRisk AssessmentHandbookA Complete Guidefor PerformingSecurity RiskAssessmentsDouglas J. LandollEn Pointe Technologies, Austin, Texas, USA

This comprehensive manual provides detailedinsight into how to conduct an information secu-rity risk assessment. This bestselling volume pro-vides real-world advice that promotes professionaldevelopment and experience. It also enables secu-rity consumers to better negotiate the scope andrigor of a security assessment, effectively interfacewith a security assessment team, deliver insightfulcomments on a draft report, and have a greaterunderstanding of final report recommendations.The book includes charts, checklists, examples,and templates that speed up data gathering,analysis, and document development.


How toComplete a RiskAssessment in 5 Days or LessThomas R. PeltierThomas R. Peltier Associates,LLC, Wyandotte, Michigan, USA

Based on the author’s seminars, this volume pres-ents the various processes that an organizationcan employ in assessing risk, fully detailing eachof its strengths and weaknesses. This informationwill enable managers to determine whichprocesses best fit the needs of a given situation tomitigate risk levels. Always conscious of the bot-tom line, the author discusses the cost-benefitanalysis of risk mitigation and looks at specificways to manage costs. The conclusions present-ed are supported by numerous case studies andexplained through diagrams that show how toapply risk management skills in an organizationwith regard to any business endeavor.


New!

VulnerabilityManagementPark ForemanGroupM, New York, USA

Vulnerability management proactively preventsthe exploitation of IT security gaps and weak-nesses that exist particularly within a largerorganization. This book demonstrates how pre-vention can reduce the potential for exploitationand shows that it takes considerably less timeand resources to manage potential weaknessesthan it does to clean up after a violation. Writtenby a leading expert in IT security, this volumeprovides guidance for creating a vulnerabilitymanagement program in a large, globally distrib-uted company. It covers areas often neglected orfalsely appearing secure. The text includes check-lists and details the activities that constitute suc-cessful management.








Security Management

InformationSecurityManagementMetricsA Definitive Guide toEffective SecurityMonitoring andMeasurementW. Krag Brotby, CISMEnterprise Security Architect, Thousand Oaks, California, USA

The 20/20 hindsight of audits is no longer aneffective solution to security weaknesses. Thisbook offers a novel approach for developing andimplementing security metrics essential for sup-porting business activities and managing informa-tion risk. It shows readers how to develop metricsthat can be used across an organization to assurethat its information systems are functioning,secure, and supportive of business objectives.

With three decades of enterprise informationsecurity experience, the author presents a work-able approach for developing and managingcost-effective enterprise information security. Heprovides a comprehensive overview of securitymetrics, discusses the current state of metrics,and looks at promising new developments.

The book ensures that every facet of securityrequired by an organization is linked to businessobjectives and provides metrics to measure it. Itexplores ways to develop effective strategic andmanagement metrics for information securitygovernance, risk management, program imple-mentation and management, and incident man-agement and response. Case studies effectivelydemonstrate specific ways that metrics can beimplemented across an enterprise to maximizebusiness benefit.


Bestseller!

Complete Guideto Security andPrivacy MetricsMeasuringRegulatoryCompliance,OperationalResilience, and ROI

Debra S. HerrmannU.S. Nuclear Regulatory Commission, Washington, D.C., USA

“…valuable directions on how measurementworks and what goes into producing a usefulmetric. … The master table in the introductionprovides a quick guide to the particular sectionmost relevant to the reader’s need …”

— Richard Austin, in IEEE Cipher, June 2007

Defining more than 900 ready-to-use metricsthat measure compliance, resiliency, and returnon investment, this bestselling referenceexplains what needs to be measured, why andhow to measure it, and how to tie security andprivacy metrics to business goals and objectives.It addresses measuring compliance with legisla-tion, regulations, and standards in the U.S., EC,and Canada including Sarbanes-Oxley, HIPAA,and the Data Protection Act-UK.

The metrics covered are scaled by informationsensitivity, asset criticality, and risk, and thenaligned to correspond with different lateral andhierarchical functions within an organization.They are flexible in terms of measurementboundaries and can be implemented individual-ly or in combination to assess a single securitycontrol, system, network, region, or the entireenterprise at any point in the security engineer-ing lifecycle. The text includes numerous exam-ples and sample reports to illustrate these con-cepts and stresses a complete assessment byevaluating the interaction and interdependencebetween physical, personnel, IT, and operationalsecurity controls.





19

Security Management


How to Developand Implementa SecurityMaster PlanTimothy D. GilesNewnan, Georgia, USA

"This practical guide detailshow to construct a customized, comprehensive,five-year corporate security plan that synchro-nizes with the strategies of any business or insti-tution."

– In ASIS Dynamics, May/June 2009

This work provides a thorough examination ofthe Security Master Planning process. It explainshow to develop appropriate risk mitigationstrategies, and how to focus on both effective-ness and efficiency while conducting a site secu-rity assessment. It also constructs a comprehen-sive five-year plan that is synchronized with theoverall strategies of the business or institution.


New!

ManagingSecurityOverseasProtecting Employeesand Assets inVolatile RegionsScott Alan AstSecurity Professional, Olathe,Kansas, USA

Written by a Certified Protection Professional(CPP), Certified Fraud Examiner (CFE), and FBI-recognized subject matter expert, this text detailsthe recommended protocol for protecting peopleand assets in hostile global settings. Scott Alan Astoffers wisdom and insight gleaned from 28 yearsof hands-on experience in international securitymanagement. He supplies the fundamentalunderstanding and advanced tools required toensure business is conducted safely regardless ofthe risk level—identifying the various threats thatloom in international projects.


Building anEffectiveInformationSecurity PolicyArchitectureSandy BacikConsultant, Fuquay Varina,North Carolina, USA

Through the use of questionnaires, interviews,and assessments, this volume demonstrates howto evaluate an organization's culture and its abil-ity to meet various security standards andrequirements. It provides practical guidance forbuilding, writing, and implementing policyarchitecture designed specifically to fit withinthat culture. Recognizing that the effectivenessof a policy is dependent on cooperation andcompliance, the author demonstrates how tocommunicate that policy and provides advice onhow to gain support. Samples of effective policyarchitecture are also included.


InformationAssuranceArchitectureKeith D. WillettCTN Technologies, Millersville,Maryland, USA

Examining the importance of aligning computersecurity (information assurance) with the goalsof an organization, this book gives security per-sonnel direction as to how systems should bedesigned, the process for doing so, and amethodology to follow. By studying this book,readers will acquire the skills necessary to devel-op a security architecture that serves specificneeds. They will come to understand distinc-tions amongst engineering architecture, solu-tions architecture, and systems engineering. Thebook also shows how the Zachman and theFederal Enterprise Architecture models can beused together to achieve the goals of a businessor government agency.








Security Management

New!

InformationSecurityManagementConcepts andPractice

Bel G. RaggadPace University, Pleasantville, New York, USA

Although the international community has beenaggressively engaged in developing securitystandards for network and information securityworldwide, there are few resources that provideclear guidance on how to properly apply thenew standards in conducting security audits andcreating risk-driven information security pro-grams.

Meeting this need, Information SecurityManagement: Concepts and Practice providesa general overview of security auditing beforeexamining the various elements of the informa-tion security life cycle. It explains the ISO 17799standard and walks readers through the steps inconducting a nominal security audit that con-forms to the standard. The book also providesdetailed guidance for conducting an in-depthtechnical security audit leading to certificationagainst the 27001 standard. Topics addressedinclude cyber security, security risk assessments,privacy rights, HIPAA, SOX, intrusion detectionsystems, security testing activities, cyber terror-ism, and vulnerability assessments.

This self-contained text is filled with review ques-tions, workshops, and real-world examples thatillustrate effective implementation and securityauditing methodologies. It also includes adetailed security auditing methodology readerscan use to devise and implement effective risk-driven security programs that touch all phases ofa computing environment — including thesequential stages needed to maintain virtuallyair-tight IS management systems that conformto the latest ISO standards.

Catalog no. AU7854, January 2010, c. 871 pp,ISBN: 978-1-4200-7854-1, $79.95 / £49.99

New!

The ExecutiveMBA inInformationSecurityJohn J. Trinckes, Jr.Hampton, Florida, USA

As the primary sponsors and implementers ofinformation security programs, it is essential forthose in key leadership positions to possess asolid understanding of the constantly evolvingfundamental concepts of information securitymanagement. Developing this knowledge andkeeping it current, however, requires time andenergy that most executives don’t have.

Supplying a complete overview of key concepts,The Executive MBA in Information Securityprovides the tools needed to ensure an organi-zation has an effective and up-to-date informa-tion security management program in place.This one-stop resource provides a ready-to usesecurity framework readers can use to developworkable programs, along with tips for avoidingcommon pitfalls.

Allowing for quick and easy reference, this time-saving manual provides those in key leadershippositions with a lucid understanding of:

• The difference between information securityand IT security

• Corporate governance and how it relates toinformation security

• The different functional areas related to information security

• Roles and responsibilities of the chief information security officer (CISO)

Presenting difficult concepts in a straightforwardmanner, this guide enables readers to get up tospeed, quickly and easily, on what it takes todevelop a rock-solid information security man-agement program that is as flexible as it issecure.





21

Security Management


Cyber FraudTactics, Techniques,and ProceduresRick HowardVerisign iDefense SecurityIntelligence Services, Dulles,Virginia, USA

This volume explores the threats present in thecyber fraud underground. It discussesphishing/pharming, trojans/toolkits, directthreats, and pump-and-dump scams. By examin-ing the operations of the cyber criminal, the bookprovides perspective into the general incentives,risks, and behavioral patterns of the fraudsters.Armed with this information, organizations andindividuals are better able to develop counter-measures, craft tactics to disrupt the fraud under-ground, and effectively secure their systems.


Mechanics of UserIdentificationandAuthenticationFundamentals ofIdentity ManagementDobromir TodorovConsultant, Buckinghamshire, UK

"…providing a 'hacker' perspective, readers willmore fully understand the ramifications of hav-ing an insecure computer, server, network, pro-gram, database and or policy. … outlines specif-ic exploits and attacks with prescribed defenses.…this is a great resource…"

—E-Streams, Vol. 7, No. 9

This text introduces the philosophy behind userauthentication and access control. It outlines theprocess of controlled access through authentica-tion, authorization, and accounting, and providesspecific information on the user authenticationprocess for both UNIX and Windows. Addressingmore advanced applications and services, theauthor presents common security models such asGSSAPI, and discusses authentication architecture.


InsiderComputerFraudAn In-depthFramework forDetecting andDefending againstInsider IT Attacks

Kenneth BrancikInformation Security Consultant, New York, USA

Employees have easy access to sensitive informa-tion about a company and its customers, makingit all too easy for greedy or disgruntled employ-ees to sabotage a system or sell privileged infor-mation. Illustrated with practical case studies,this volume presents methods, safeguards, andtechniques to protect against insider computerfraud. Drawing from the author’s two decades ofexperience in assessing the adequacy of IT secu-rity in the banking and securities industries, thisbook provides a thorough exploration of applica-tion risks and controls, web-service security, andthe identification and mitigation of fraud.


Malicious BotsAn Inside Look intothe Cyber-CriminalUnderground of theInternet

Ken Dunham &Jim MelnickiSIGHT Partners, Inc., Dallas,Texas, USA

Focusing on the malicious use of bots and botherder means and motivations, this volume pro-vides a much needed resource for understand-ing the scope, sophistication, and criminal usesof bots and how to more proactively protectagainst them. Written in an accessible manner,but with sufficient technical detail, the bookintroduces botnet threats and how they functionand it examines the top bot attacks againstfinancial and government networks over the lastfour years to reveal the who, how, and whybehind them.








Project Management

New!

The CompleteProjectManagementMethodologyand ToolkitGerard M. HillPrincipal, Hill Consulting Group, Woodbridge, Virginia, USA

Written by one of the nation’s most highlyregarded project management mentors, TheComplete Project Management Methodologyand Toolkit delineates a "business-relevant"methodology that can be introduced across dif-ferent industries and business environments.

The book describes the ProjectPRISM™ ProjectManagement Methodology, an innovative,matrix-based approach to conducting projectmanagement that introduces relevant concepts,practices, and tools in an effective project man-agement solution. Aligned with common busi-ness practices, Gerard Hill’s method demon-strates how to develop project plans, keep onschedule, manage budgets, maintain areas ofresponsibility, and evaluate a project’s progressfrom concept to completion.

The text offers insight for customizing themethodology to meet the unique needs of indi-vidual organizations, and also:

• Presents a ready-for-use 96-tool Process Toolkit (on diskette)

• Aligns project management with commonbusiness practices that exist in most businessorganizations

• Offers detailed process and practice guidancefor completing the essential activities of project management

Demonstrating that project management, inmany ways, is business management, the authorprovides an exceptional foundation for creatinga fine-tuned project management practice and arelevant business solution for every organization.


New!

ImplementingProgramManagementTemplates and Forms Aligned with the Standard for Program Management- Second Edition (2008)

Ginger Levin, PMP, PgMP & Allen R. Green PMP, PgMP

Includes a CD-ROM with Ready-To-UseDocuments, Tools, Forms, and Templates

In 2007, the Project Management Institute(PMI®) piloted the now highly sought afterProgram Management Professional (PgMP®) cre-dential—reflecting the growing trend amongorganizations to coordinate the work done onnumerous stand-alone projects. Written by twosuccessful PgMPs, this complete guide presentsa step-by-step methodology that will enablemanagers to seamlessly move their programsfrom theory to practice.

Suitable for the novice as well as the seasonedprofessional, this detailed protocol for managinga program from initiation to closure parallels thePMI’s Standard for Program Management–SecondEdition (2008). Filling the void in the programmanagement literature, the book goes beyondthe best practices listed in the PMI’s Standard toprovide detailed guidance for these practices,enabling program managers in any organizationto successfully coordinate any program.

Recognizing that each organization has uniquerequirements, the templates described in thetext can be customized and tailored as requiredthrough a CD-ROM that is included with thisbook. This unique package of ready-to-use doc-uments, tools, forms, templates, and reportsempowers program managers to bring theirprograms to a successful finish and deliver itsintended benefits to stakeholders.





23

Project Management


DeliveringSuccessfulProjects withTSPSM and Six SigmaA Practical Guide toImplementing TeamSoftware ProcessSM

Mukesh JainMicrosoft, Bellevue, Washington, USA

"Finally, a book with a unique blend of qualityand project management to help teams deliverhigh quality products on time."

—Juliana Gomez, Director, Corporate BusinessExcellence, Microsoft Corporation

Mukesh Jain of Microsoft delves into his imple-mentation of TSP at Microsoft India. Throughthis case study, he examines how teamsimproved the software development process bycombining TSP with Six Sigma to deliver signifi-cant benefits in predictability and to dramatical-ly increase the number of zero-defect projects.


ProjectManagementRecipes forSuccessGuy L. De Furia

Grounded in practicality, this book explains theprocedures for running a successful project andhighlights the finer points of managing and con-trolling the project. Written specifically for thoseresponsible for the hands-on managing of proj-ects, it is also useful to overall program managersand senior executives. Project managers will gainthe confidence that comes from following agood recipe for success. Program managers willgain a perspective on the myriad of activitiestheir project managers must perform to achievea well-disciplined project. Senior managers willgain a perspective of the approach necessary atthe beginning of a project to reduce the numberof ill-advised projects and the effort required toachieve successful projects.


GlobalEngineeringProjectManagementM. Kemal AtesmenIndependent Consultant, SantaBarbara, California, USA

Engineering projects covering multiple coun-tries, cultures, and standards create additionalchallenges for the project manager. This bookaligns real-world experiences in internationalproject management with practical project man-agement principles. Written as a hands-on refer-ence, it illustrates all phases of an internationalproject with real case examples. Covering start-up planning, post-project evaluation, concernsover supply management, cost containment,and intellectual property, this concise resourceexplains how to anticipate and prepare for thechallenges that may arise. Every chapter con-tains a checklist to remind managers of issuesthey must prepare for or oversee.


New!

Managing WebProjectsEdward B. FarkasJackson Heights, New York, USA

This practical, step-by-step guide to managingweb-based projects demystifies even the mostdaunting tasks. Using proven tools, internation-al consultant Edward B. Farkas outlines a typicalproject lifecycle including project integration,scope, scope change, and work breakdownstructures. He addresses time, human resources,communications, and quality management.Dozens of templates, schedules, checklists, andflow charts, prepare readers to become projectmanagement professionals, fully versed in andaligned with the nine knowledge areas and fiveprocesses codified by the internationally accept-ed standards of the Project Management Bodyof Knowledge (PMBOK®).








Project Management

New!

The ProjectManager'sCommunicationToolkitShankar Jha

Describing the challenges and opportunities ofcommunication in a project environment, thisdetailed guide highlights the range of toolsavailable to the project manager and instructson their effective use and application. Writtenfrom a practical standpoint, this book providesthe tools and best practices needed for success-ful communication management. It deals prima-rily with written communication, includingplans, reports, guidelines, procedures, mes-sages, and presentations. Using easy to under-stand language, this book highlights the variousproject communication tools available for useincluding email and PowerPoint®.

Catalog no. K10497, February 2010, c. 208 pp.ISBN: 978-1-4398-0995-2, $59.95 / £38.99

Leading ITProjectsThe IT Manager'sGuideJessica KeyesNew Art Technologies,Edgewater, New Jersey, USA

Individual projects are usually managed by proj-ect managers; however, IT managers may ormay not be conversant in the field of projectmanagement. Leading IT Projects presents acomplete tutorial on project management alongwith information on project manager skill sets.Offering a practical roadmap, this comprehen-sive text provides an understanding of howtechnology project management involves theplanning, monitoring, and control of the peo-ple, processes, and events that occur as a com-puter system evolves from preliminary conceptto operational implementation.


Building aProject WorkBreakdownStructureVisualizing Objectives,Deliverables, Activities,and SchedulesDennis P. Miller, PMPPinehurst, North Carolina, USA

"…explains the keys to an effective WBS throughan Eight Step Process. … a unique and compre-hensive volume."

– Business Economics, September 2008

This resource not only shows readers what theycan do, but shows them how to do it. It pro-vides an eight step process that facilitates thedevelopment of the work breakdown structure.The process defines the project through itsdeliverables and validates the initial target dateby critical path analysis. The result is a clear visu-alization of the project’s objectives, deliverables,activities, and schedule.


New!

PMP ExamPractice Test and Study Guide,Eighth EditionEdited by

J. LeRoy WardESI International, Arlington, Virginia, USA

This rigorous study guide provides 40 multiple-choice practice questions in each of nine knowl-edge areas and the professional and socialresponsibilities domain. It also contains a com-posite 200-question practice test that simulatesthe PMP® exam. It includes fully referencedanswers keyed to the five project managementprocess groups, a complete bibliography, and astudy matrix to help readers key in on areas thatrequire further study. Using the self examinationand study tools in this book, readers can increasetheir chances of passing the PMP® certificationexam the first time.

Catalog no. N10241, January 2010, Soft CoverISBN: 978-1-890367-52-7, $59.95 / £38.99






25

Project Management


New!

ProjectManagementTheory andPracticeGary L. RichardsonUniversity of Houston, Texas

Structured on PMI’s Project Management Bodyof Knowledge (PMBOK®) standard, this bookcovers the theory of project management andexplains how its concepts are carried out in realworld projects. It translates the abstract modelvocabulary and processes from A Guide to theProject Management Body of Knowledge (PMBOK®

Guide), Fourth Edition into an accessible discus-sion that includes contemporary views andfuture directions. Scheduling and budgetingproblems, scoping projects, and questions at theend of each chapter make this book essentialreading for those seeking project managementcertification.


The StrategicProject LeaderMastering Service-Based ProjectLeadershipJack FerraroProject Management LeadershipTraining, Manassas, Virginia,USA

“... a truly uplifting book with a self-directedplan to build leadership competencies and rec-ommended tools for establishing compatibility.”

—Dr. Tony Alessandra, author of The Platinum Rule and Charisma

"By emphasizing the leading of people and provid-ing a roadmap for personal development, Ferrarohas created an interesting and practical book."

– SciTech Book News, May 2008

The practical framework outlined in this bookwill enable project managers to take charge oftheir career development and master the role ofstrategy leader. It explores the attitudes andbehaviors of successful leaders to provide projectmanagers with actionable advice on how to foster leadership skills.


ProjectManagement ofComplex andEmbeddedSystemsEnsuring ProductIntegrity andProgram Quality

Kim H. PriesStoneridge Electronics North America, El Paso, Texas, USA

Jon M. QuigleyVolvo Trucks, Greensboro, North Carolina, USA

Featuring techniques from the Department ofDefense and the automotive industry, this refer-ence explains how to deliver a reliable, complexsystem or product to market. The book providesa step-by-step tutorial on how to secure qualityin complex products by incorporating varioustechniques for embedded software develop-ment. Each step in the development process iscovered in detail with supplementary case stud-ies that illustrate potential challenges in eachphase of development and provide a base forderiving future solutions.


Bestseller!

EffectiveOpportunityManagementfor ProjectsExploiting Positive RiskDavid HillsonRisk Doctor & Partners,Petersfield, UK

With step-by-step guidelines, this bestselling ref-erence discusses the management of projectopportunities by expanding the traditional riskmanagement process to address opportunitiesalongside threats. It offers valuable tools andtechniques that expose and capture opportuni-ties, minimize threats, and deal with all types ofuncertainty in your business and projects. Writtenby an experienced consultant and risk manage-ment specialist, this guide emphasizes that riskprocesses must cover both opportunities andthreats if they are to assist in accomplishing proj-ect objectives and maximizing business benefits.

Catalog no. DK2925, 2004, 340 pp.ISBN: 978-0-8247-4808-1, $164.95 / £92.00







Project Management

A Standard forEnterpriseProjectManagementMichael S. ZambruskiTBA&P, LLC, Cheshire,Connecticut, USA

From enterprise vision and mission to businessrequirements, project initiation, and manage-ment, this practical guide explains each of thebasic elements needed for project success andintegrates them into a balanced life-cycle contin-uum. It includes a decision tree for determiningthe most appropriate level of project documenta-tion, describes an integrated risk managementand escalation policy, and contains more thantwo dozen templates and completed samples ofkey project management tools. The author alsooffers a color version of the book with bonusitems on a CD-ROM.


Bestseller!

The CompleteProjectManagementOffice HandbookSecond EditionGerard M. HillPrincipal, Hill Consulting Group,Woodbridge, Virginia, USA

This second edition of The Complete ProjectManagement Office Handbook extends theconcepts and considerations of modern projectmanagement into the realm of project manage-ment oversight, control, and support.Recognizing the need for a centralized organiza-tional entity — the project management office(PMO) — to perform in this capacity, this bookconsiders five stages of PMO along a competen-cy continuum, establishing the depth of its func-tional responsibility. This revised edition alsopresents twenty functional models that can beused to guide deliberation and development ofPMO operational capability.


DeterminingProjectRequirementsHans JonassonJTC Unlimited, Shelby Twp.,Michigan, USA

“…presented in a way thatnot only provides the readerwith a comprehensive refer-ence text, but also a valuablelearning experience with its examples, activitiesand solutions. … recommended reading for any-one involved in today’s world of business analysis!”

—Glenn R. Brûlé, IIBA Chair, International Business Development

Determining Project Requirements provides ageneralized set of repeatable processes designedto ensure communication between the cus-tomer and the developer. It uses a fictionalexample to demonstrate the range of generaltechniques. It also includes built-in exercises,best practices, tools and templates, customiz-able solutions, and two different examples of theBusiness Requirements Document.


EffectiveCommunicationsfor ProjectManagementRalph L. Kliem, PMPSenior Project Manager,Fortune 500 Firm

This book examines ele-ments of the communica-tions process and describes the role that theProject Management Information System (PMIS)has in helping project managers become bettercommunicators. In addition to describing howpersonality effects communications, the bookdetails the seven elements of effective communi-cations: applying active and effective listening;preparing the communications and establishingan issues management process; drafting and pub-lishing documentation; conducting meetings; giv-ing effective presentations; developing anddeploying a project website; and building a proj-ect war room. Each chapter contains examplesand checklists that can be adapted to the reader’senvironment.







27

Software Engineering & Development


New!

AppliedSoftwareProduct LineEngineeringEdited by

Kyo C. Kang, Vijayan Sugumaran, and Sooyong Park

In recent years Software Product Line (SPL) hasdrastically increased the productivity of IT-relat-ed industries — with many more improvementspossible. This handbook details various aspectsof SPL implementation in different domains,while documenting best practices with regard tosystem development. Expert contributors fromacademia and industry come together to focuson core asset development, product develop-ment, and management. They address theprocess, technical, and organizational issuesneeded to meet the demand for information inwhat is becoming a global paradigm shift.


New!

Strategic DataWarehousingAchieving Alignmentwith Business

Neera BhansaliiMEMS Corp.

Organization of data warehouses are vital butoften ignored aspects of growing enterprises.This work merges technological know-how withmanagerial practices to show the business man-ager and the IT professional how better align-ment between data warehouse plans and busi-ness strategies can lead to a successful datawarehouse adoption that can support the entireinfrastructure. This complete resource addressesthe managerial and strategic aspects of datawarehouses, offering solutions that will allow forthe strategic alignment of these warehouseswhile building them and ensuring that thisalignment is sustained.

Catalog no. AU3945, January 2010, 224 pp.,ISBN: 978-1-4200-8394-1, $69.95 / £44.99

New!

Handbook ofEnterpriseIntegrationMostafa Hashem SherifAT&T, Tinton Falls, New Jersey, USA

Bringing together the latest research and appli-cation results, this book provides a clear andcomprehensive understanding of systems inte-gration technologies, architectures, applications,and project management techniques involved inenterprise system integration. The text includescoverage of mobile communications, standardsfor integrated manufacturing and e-commerce,RFID, Web-based systems, and complete service-oriented enterprise modeling and analysis.Practitioners will benefit from insights on manag-ing virtual teams and management techniquesfor introducing complex technology into busi-nesses. Covering best practices in enterprise sys-tems integration, the text highlights applicationsacross various business enterprises and includescase studies.


New!

Enterprise-ScaleAgile SoftwareDevelopmentJames SchielDanube Technologies,Pennsylvania, USA

Written for organizationsattempting to convert theirtransitional development practices to agile, thisbook is organized into chapters sequenced tomatch the typical progression. Drawing on hisexperience in transitioning a 1400-personorganization to agile development, the authorprovides the information and tools that willenable readers to consider potential outcomesand make the best choices for their unique situ-ation. The content is based on the use of Scrumas an organizational framework and on XP prac-tices used to define how software is written andtested.

Catalog no. K10179, January 2010, 382 pp.,ISBN: 978-1-4398-0321-9, $89.95 / £57.99








New!

SoftwareTesting as aServiceAshfaque AhmedSCM Consulting, Bhilai,Chhattisgarh, India

Software Testing as a Service explains, in simplelanguage, how to use software testing to improveproductivity, reduce time to market, and reducecostly errors. It explains how the normal functionsof manufacturing can be applied to commoditizethe software testing service to achieve consistentquality across all software projects. This up-to-datereference reviews different software testing tools,techniques, and practices. It provides succinctguidance on how to estimate costs, allocateresources, and make competitive bids. Repletewith examples and case histories, this resourceillustrates how proper planning can lead to thecreation of software that is head and shouldersabove the competition.

Catalog no. K10002, January 2010, 228 pp.,ISBN: 978-1-4200-9956-0, $79.95 / £49.99

Building andMaintaining aData WarehouseFon SilversData Warehouse Analyst andDeveloper, Tampa, Florida, USA

Based on a foundation of industry-accepted prin-ciples, Building and Maintaining a DataWarehouse provides an easy-to-follow approachthat is cohesive and holistic. By offering the per-spective of a successful data warehouse, as well asthat of a failed one, the author details factors thatmust be accomplished and those that are bestavoided. He looks at areas of a data warehouseindividually and in sequence, showing how eachpiece becomes a working part of the whole. Thebook examines the concepts and principles com-mon to every successful data warehouse, andexplains how to recognize and attend to problem-atic gaps in an established data warehouse.


ManageSoftwareTestingPeter Farrell-Vinay

Showing test managers what to focus on strate-gically, tactically, and operationally, this bookprovides a comprehensive guide to all aspects oftest management. It covers unit, system, andnon-functional tests with examples on how toestimate the number of bugs expected to befound, the time required for testing, and thedate when a release is ready. Using a risk-basedapproach, the author addresses a range of ques-tions about software products under develop-ment. This text shows test managers how todevelop a basis to assess software team process-es and achievements.


The MethodFramework forEngineeringSystemArchitecturesDonald G. Firesmith,Peter Capell, Dietrich Falkenthal,Charles B. Hammons, DeWitt T. Latimer IV,and Tom Merendino

Offering a practical way to generate effectivesystem architecture engineering methods, thisvolume addresses the entire range of systemsarchitecture including hardware, software, sub-systems, and systems of systems. It defines a setof architectural roles and provides a repository ofreusable architectural engineering process com-ponents to develop high-quality system archi-tectures. It examines a cohesive set of tailorabletasks for producing associated architectural workproducts and establishes recommended industrypractices for engineering the architecture of soft-ware-intensive systems.







29



EssentialSoftware TestingA Use-Case Approach

Greg FournierEnlighten Solutions, Colorado Springs, USA

Utilizing case-driven techniques that are appropri-ate for any software development project, thismanual communicates a realistic approach to effi-cient and effective software testing. Coveringbasic testing concepts and employing a hands-onapproach, the book shows how to determinewhat to test, how to select proper tests, and howto perform the actual tests. It discusses techniquesfor building and tracing tests and demonstrateshow to conduct and record results. The methodspresented in this handbook are equally accessibleto testers, software managers, and developers.


New!

Secure andResilientSoftwareDevelopmentMark S. Merkow &Lakshmikanth Raghavan

Many software books available highlight theproblems with current software developmentbut few provide actionable, ground-level solu-tions. Covering the entire secure software devel-opment life cycle, this book presents qualitysoftware development strategies and practices.It stresses resilience requirements with precise,actionable, and ground-level inputs that con-nect directly with their creators. The text helpsdevelopers understand fundamental problemsand provides them with best practices, princi-ples, design methodology, programming guid-ance, and testing practices.

Catalog no. K11327, February 2010, c. 304 pp.ISBN: 978-1-4398-2696-6, $79.95 / £49.99

Coming Soon!

ProcessImprovementand CMMI forSystems andSoftwareRon S. KenettKPA, Ltd., Raanana, Israel

Emanuel BakerProcess Strategies, Inc., Los Angeles, California, USA

Process Improvement and CMMI for Systemsand Software provides readers with a workableapproach for achieving cost-effective processimprovements for systems and software. Itdetails a methodology for assessing the status ofa development or maintenance process and laysout an effective plan for achieving processimprovements. This practical resource suppliesexamples of measures and metrics that can beuseful for establishing baselines and for monitor-ing process improvement projects.

Catalog no. AU6050, March 2010, c. 428 pp.ISBN: 978-1-4200-6050-8, $69.95 / £44.99

Second Editionof a Bestseller!

Interpretingthe CMMI®A Process ImprovementApproach, Second EditionMargaret K. Kulpa &Kent A. JohnsonAgileDigm, Inc., Ormond Beach, Florida, USA

Taking a broad approach this second edition ofa bestseller thoroughly examines the CMMI. Thetext first clarifies the concept of processimprovement, makes the case for how and whyto employ CMMI, and outlines its structure. Itthen provides an overview of the process areas,supported by real-world display tables, tem-plates, and charts designed to aid organizationsin their improvement efforts. Subsequent sec-tions address measurement issues includingbasic metrics, statistical process control, andhigh maturity concerns.









EffectiveSoftwareMaintenanceand EvolutionA Reuse-BasedApproachStanislaw JarzabekNational University of Singapore

With software maintenance costs averaging50% of total computing costs, it is necessary tohave an effective maintenance program in place.This book explores program analyzers, reverseengineering tools, and reengineering tools in-depth and explains the best ways to deploythem. It also discusses using XML-based tools,the roles of software components, object tech-nology, and metaprogramming in improvingsystems maintenance. It also explains how toalign software with business goals throughstrategic maintenance.


ArchitectingSoftwareIntensiveSystemsA Practitioners GuideAnthony J. LattanzeCarnegie Mellon University,Pittsburgh, Pennsylvania, USA

Focusing on the architecture centric designmethod (ACDM), this book provides deep insightinto designing software architectures for systemsand how to effectively use architectural designartifacts once created. The text describes how tointegrate ACDM with existing organizationalstructures and processes. The author demon-strates how to tailor defined software processframeworks and methodologies to ACDM inorder to design the architecture for a softwareintensive system. The chapters offer practicalguidelines for the general iterative model, thegeneral waterfall model, the rational unifiedprocess, the team software process, scrum, andextreme programming.

Catalog no. AU4569, 2009, 416 pp.ISBN: 978-1-4200-4569-7, $79.95 / £49.99 Implementing

ElectronicDocument andRecordManagementSystemsAzad AdamIndependent Consultant,London, UK

Despite the global shift toward delivering servic-es online, there is little information available onhow to electronically deliver documents andrecords. Implementing Electronic Documentand Record Management Systems addressesthis need, as well as the host of issues related topaperless enterprises. From starting up the proj-ect to systems administration, this book providescomplete coverage of every aspect of implemen-tation and management processes. The text alsoexplains managing cultural changes and busi-ness process re-engineering that organizationsundergo as they switch from paper-basedrecords to electronic documents. Case studiesoffer a practical look at successful real-worldimplementations.


SoftwareTestingA Craftsman'sApproach, Third EditionPaul C. JorgensenGrand Valley State University,Allendale, Michigan, USA

A bestseller in its first two editions, SoftwareTesting: A Craftsman’s Approach, ThirdEdition has been thoroughly revised and updat-ed to highlight issues such as how Agile and XPdevelopment environments have changed therole of software testers. Coverage includesmodel-based and test-driven development,reexamination of all-pairs testing, and explana-tion of the four contexts of software testing. Theauthor provides new downloadable programsthat demonstrate white-box, black-box, andother fundamental types testing.







From acoustic communications and data compression tooptical fibers and wireless sensor networks, theEncyclopedia of Wireless and Mobile Communicationsprovides a substantial overview of more than 200 essen-tial topics in the wireless communications field.

Presented in three easily searchable volumes written byglobal experts, this bestselling encyclopedia offers acomplete range of fundamental and advanced issues intelecommunications.

“… an extensive, scholarly, pro-fessional level resource to thepractical applications of electri-cal engineering technology fortelephones, communicationnetworks, data recording,source compression, and muchmore. … strongly recommend-ed as being an utterly exhaus-tive reference resource which ispacked from cover to cover with extensive in-depth sci-ence and technical applications.”

—Michael's Bookshelf



Pre

sort

ed S

tand

ard

US

Pos

tage

PAID

Per

mit

382

Sou

th H

olla

nd IL

6000

Bro

ken

Soun

d Pa

rkw

ay, N

W, S

uite

300

Boca

Rat

on, F

L 33

487,

USA

Pag

e 4

Fo

r a c

om

ple

te li

st

of

IT M

anag

em

ent,

Sys

tem

s,

and

Security

title

s p

lease v

isit www.crcpress.com

Pag

e 5

Pag

e 1

3

Use this Promo Code

when ordering to

SAVE 15%!





it management

Documents

evolution of cloud computing

ment of cloud computing

cloud initiatives

cloud environment

pm page

cloud initiatives

page 20mbcitm0 mc

security management