Overview

For many companies, their intellectual property can often be more valuable than their physical assets. Having an effective IT governance strategy in place can protect this intellectual property, reducing the risk of theft and infringement. Data protection, privacy and breach regulations, computer misuse around investigatory powers are part of a complex and often competing range of requirements to which directors must respond. There is increasingly the need for an overarching information security framework that can provide context and coherence to compliance activity worldwide. IT Governance is a key resource for forward-thinking managers and executives at all levels, enabling them to understand how decisions about information technology in the organization should be made and monitored, and, in particular, how information security risks are best dealt with. The development of IT governance - which recognises the convergence between business practice and IT management - makes it essential for managers at all levels, and in organizations of all sizes, to understand how best to deal with information security risk. The new edition has been full updated to take account of the latest regulatory and technological developments, including the creation of the International Board for IT Governance Qualifications. IT Governance also includes new material on key international markets - including the UK and the US, Australia and South Africa.

Full Product Details

9780749464851

Table of Contents

• • Chapter - 00: Introduction;
  • Chapter - 01: Why is information security necessary?;
  • Chapter - 02: The UK Combined Code, the Turnbull Report and Sarbanes-Oxley;
  • Chapter - 03: ISO27001;
  • Chapter - 04: Organizing information security;
  • Chapter - 05: Information security policy and scope;
  • Chapter - 06: The risk assessment and Statement of Applicability;
  • Chapter - 07: External parties;
  • Chapter - 08: Asset management;
  • Chapter - 09: Human resources security;
  • Chapter - 10: Physical and environmental security;
  • Chapter - 11: Equipment security;
  • Chapter - 12: Communications and operations management;
  • Chapter - 13: Controls against malicious software (malware) and back-ups;
  • Chapter - 14: Network security management and media handling;
  • Chapter - 15: Exchanges of information;
  • Chapter - 16: E-commerce services;
  • Chapter - 17: E-mail, internet use and social media;
  • Chapter - 18: Access control;
  • Chapter - 19: Network access control;
  • Chapter - 20: Operating system access control;
  • Chapter - 21: Application access control and teleworking;
  • Chapter - 22: Systems acquisition, development and maintenance;
  • Chapter - 23: Cryptographic controls;
  • Chapter - 24: Security in development and support processes;
  • Chapter - 25: Monitoring and information security incident management;
  • Chapter - 26: Business continuity management;
  • Chapter - 27: Compliance;
  • Chapter - 28: The ISO27001 audit

Reviews

Author Information

Alan Calder is founder-director of IT Governance Ltd, which provides IT governance, compliance, risk management and information security books, trading tools, consultancy and training. Alan consults with companies internationally on matters relating to information secuurity. Steve Watkins is Head of Consultancy & Training at IT Governance Ltd. Steve has over 18 years' experience of managing integrated management systems, and is on the Management Commitee of the British Standards Society.

Tab Content 6

Customer Reviews

Recent Reviews

Countries Available