Sign in to turn on 1-Click ordering.
More Buying Choices
Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Image not available

Tell the Publisher!
I’d like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Risk Management Solutions for Sarbanes-Oxley Section 404 IT Compliance [Paperback]

John S. Quarterman

RRP: £31.99
Price: £26.91 & FREE Delivery in the UK. Details
You Save: £5.08 (16%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Usually dispatched within 9 to 12 days.
Dispatched from and sold by Amazon. Gift-wrap available.

Book Description

6 Jan 2006
  • Examines how risk management security technologies must prevent virus and computer attacks, as well as providing insurance and processes for natural disasters such as fire, floods, tsunamis, terrorist attacks
  • Addresses four main topics: the risk (severity, extent, origins, complications, etc.), current strategies, new strategies and their application to market verticals, and specifics for each vertical business (banks, financial institutions, large and small enterprises)
  • A companion book to Manager′s Guide to the Sarbanes–Oxley Act (0–471–56975–5) and How to Comply with Sarbanes–Oxley Section 404 (0–471–65366–7)

Special Offers and Product Promotions

  • Between 20-26 October 2014, spend £10 in a single order on item(s) dispatched from and sold by Amazon.co.uk and receive a £2 promotional code to spend in the Amazon Appstore. Here's how (terms and conditions apply)

Product details

More About the Author

Discover books, learn about writers, and more.

Product Description

From the Back Cover

If your company does business on the Internet, your risks are growing exponentially. Worms, viruses, cracker attacks, mechanical failures, and natural disasters create a climate that compromises performance as well as security. Traditional solutions are too limited to address these risks. You need a strategy designed for today, and this book will help you build one.

  • Understand the risks faced by your particular business
  • Learn to assess the extent, origins, complications, growth, and potential severity of your risk factors
  • Examine and analyze strategies already in place
  • Explore new strategies and their application in various market contexts
  • Devise and implement a solution that is tailored to your enterprise and meets the requirements of Sarbanes–Oxley Section 404

About the Author

John S. Quarterman has previously coauthored The 4.2BSD Berkeley Unix Operating System1 and its successor edition, as well as The Matrix: Computer Networks and Conferencing Systems Worldwide2 and other books. Mr. Quarterman is CEO of InternetPerils, Inc., an Internet business risk management company that is extending risk management strategies available to business into new areas such as insurance, catastrophe bonds, and performance bonds.
He has 26 years of experience in internetworking, beginning with work on ARPANET software at BBN. In 1990, he incorporated MIDS, which published the first maps of the whole Internet and conducted the first Internet Demographic Survey. In 1993, he started the first series of performance data about the entire Internet, visible on the web since 1995 as the Internet Weather Report, which together with the Internet Average and ISP Ratings, were some of the most cited analyses available.

Inside This Book (Learn More)
First Sentence
Internet risks beyond the firewall have grown rapidly since 2000 into cyber-hurricanes that are force majeure risks that threaten every enterprise that uses the Internet, yet they are beyond the control of any enterprise. Read the first page
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

There are no customer reviews yet on Amazon.co.uk.
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 5.0 out of 5 stars  1 review
2 of 2 people found the following review helpful
5.0 out of 5 stars All About Early 21st Century Risk 23 Jun 2006
By Gunnar Peterson - Published on Amazon.com
This book is unique, as far as I know, as a very timely analysis on technical issues and their impact on risk management.

Chapter 1 looks at three power laws for scaling networks - Sarnoff, Metcalfe and Reed. Valuing assets is a precursor to any risk management activity. Chapter 2 looks at the differences between traditional risk and Internet-style risks. There is an important distinction in perils and anomalies. Perils are defined as bugs and vulnerabilities. Anomalies are defined as the problems that arise once a vulnerability is exercised. There is also a section on monoculture which compares computing monoculture to bollweevils and other physical world monoculture risks.

Chapter 3 describes high level strategies like redundancy and backups for dealing with risks. These are high level not detailed operational planning, but they are useful for directors to plan what actions manage what risks. Federation is mentioned as having a positive impact on higher assurance integration between service providers and consumers. Another theme is the positive and negative aspects of decentralization, Quarterman concludes it is largely a positive development, and a decade and half into the web, that looks like a safe assumption.

For a book with Sarbanes in its title, there is not a ton of information on compliance. This is not a big a problem for me, since I, like this book, view compliance as a subset of risk management. Chapters 4-8 look at the implications of risk in various business sizes and verticals.

Chapter 6 examines some physical world controls that work fine in the real world but are insufficient in the digital world such as 4 digit PINs for ATMs. This chapter also covers various types of insurance schemes such as Cat Bonds.

Chapter 7 compares Frederick Winslow Taylor (command and control) to John Boyd (smart nodes) and concludes - Taylor Wrong. Boyd Right. Speed and autonomy are more valuable in a networked world. It is often said the important stuff is not exciting, risk management may not be a thrill a minute for everyone, but this book shows why risk management is important to businesses.

Chapter 8 contains an history of technologies, but does not address SOA, Web Services, Web 2.0 et. al in the context of the 5th Wave. Chapter 9 deals with a recurring theme on differentiating between risk inside the perimeter and outside the perimeter and the disparate strategies available. Chapter 10 describes some key differences between SOX (looking for black list items) and Basel II (culture change). Boyd's OODA loop is revisited in the context of self-healing networks. There is a section on the modern military's reliance on the web, which reminded me of a story by Thomas Barnett about how soldiers in Iraq were going into chat rooms to teach other about counterinsurgency. The officers instructed them to stop because Al Qaeda would listen in, the soldier's response:"Al Qaeda already knows this. We are the ones with the knowledge gap." Now the training manuals are being updated.

My favorite part of the book is Cliff Forts versus Coordinated Mesas which detailes the ancient Anasazis Protect-Detect-Respond strategy.

Chapter 11 discerns between first party loss and third party loss. Chapter 12 contains a set of actionable items for companies wanting to improve their risk management.

Overall, a useful window into the current risks and risk management opportunities in the early 21st century.
Was this review helpful?   Let us know

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category