By C Warrem Axelrod
Reviewed by Jeimy J. Cano M., Ph.D., COBIT (F), CFE, CMAS
Making an accurate distinction between the words “safety” and “security” is a challenge. Each represents a tradition and mastery of knowledge that challenges the current conditions of information systems implementation since both seek to understand and anticipate the inevitability of failure.
Engineering Safe and Secure Software Systems gives readers conceptual explanations about the differences between security and safety; ways to integrate the 2 concepts into the information systems life cycle; technology solutions; and detailed, in-depth case studies. The book also analyzes current practices for security and safety regarding appropriate maturity. It has a comprehensive view and analysis of management and technology solutions that companies require.
The complementary view of security and safety presented in this book allows developers and project managers to maintain a structural view of the development of systems. This structural view enables project managers to know that information and access to information is protected. This structural approach also helps ensure that each system component is constructed properly.
Systems should be built to ensure both security and safety. This book provides a unified approach to security and safety that allows engineers, developers, project managers, auditors and information security analysts to think beyond their domain of knowledge. It combines the concept of survival systems, which are systems that take care of the physical integrity of their human components and operation with information assurance.
Engineering Safe and Secure Software Systems helps readers rethink and renew their understanding of IT audit and information security systems. It enables information security professionals and IT auditors to visualize constructing more comprehensive software project practices. With the help of this book, readers can create recommendations regarding how to secure information and how to limit the effects of system failure.
Engineering Safe and Secure Software Systems is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in the latest issue of the ISACA Journal, visit the ISACA Bookstore online or email [email protected].
Jeimy J. Cano M., Ph.D., COBIT (F), CFE, CMAS, is a distinguished professor in the law department of the Universidad de los Andes, Colombia. He has been a practitioner and researcher in information and computer security, digital evidence and computer forensics for more than 17 years in different industries. Cano is a member of the ISACA Publications Subcommittee.