ITIL(R) 4 High-velocity IT (HVIT). Your companion to the ITIL® 4 Managing Professional HVIT certification

IT Governance Publishing, Claire Agutter

This book guides readers through the core principles and practices of High-Velocity IT, offering a comprehensive approach to modern IT service management. It begins with foundational concepts, introducing High-Velocity IT and the essential behaviors needed for success in dynamic environments. Readers are then introduced to the digital product lifecycle and the ITIL® operating model, which emphasize the importance of service value systems and value streams in driving business outcomes.The book delves into key behaviors that support continuous improvement, including adaptability, trust, and commitment to learning. It also covers various principles and models, such as Lean, Agile, and Design Thinking, offering practical techniques to enhance IT performance.In the later chapters, the focus shifts to ensuring valuable investments, fast development, resilient operations, and co-created value. It presents techniques for achieving these objectives while aligning with ITIL® 4 practices. The final chapter prepares readers for the HVIT certification exam, consolidating key learnings and providing a solid foundation for future success in High-Velocity IT environments. This book offers both theory and practical guidance for those seeking to thrive in fast-paced, value-driven IT operations.

ITIL(R) Foundation Essentials ITIL(R) 4 Edition. The ultimate revision guide

IT Governance Publishing, Claire Agutter

This book offers a detailed introduction to IT service management and the ITIL® 4 framework by covering key concepts such as value, service management, and co-creation, providing a solid foundation for understanding ITIL®. Readers are introduced to the four dimensions of service management and how they apply to organizational success. The book also explores the various roles involved in service management, from service providers to consumers, and the essential relationships that drive value.The book further explains ITIL®’s guiding principles, such as focusing on value, thinking and working holistically, and simplifying processes. These principles form the core of ITIL® 4’s approach, emphasizing flexibility, iterative progress, and stakeholder collaboration. With practical examples and clear explanations, readers will learn how to integrate these principles into their service management practices.Lastly, the book dives deep into the Service Value System and Service Value Chain, detailing how each component contributes to delivering business value. It also explores essential ITIL® practices, such as continual improvement and incident management. The final sections provide valuable exam preparation tips to ensure readers are well-equipped to pass the ITIL® Foundation exam with confidence.

NIST CSF 2.0. Your essential introduction to managing cybersecurity risks

IT Governance Publishing, Andrew Pattison

This comprehensive guide introduces the origins, aims, and components of the NIST Cybersecurity Framework (CSF) 2.0. It explores the core structure including functions, categories, subcategories, and profiles, and provides detailed implementation tiers and examples.Readers are then guided through a deep dive into all six framework categories—from Govern to Recover—and learn how to develop and apply risk management strategies within an organization. The content covers NIST SP 800-53, informative references, and practical quick-start guides to help translate theory into action.The final sections offer a seven-step implementation roadmap, including gap analysis, target profiles, and continuous improvement. The book concludes by mapping the CSF to international standards like ISO 27001 and ISO 22301, offering a well-rounded and interoperable cybersecurity strategy.

PCI DSS Version 4.0.1. A guide to the payment card industry data security standard

IT Governance Publishing, Stephen Hancock

This book provides an essential resource for anyone involved in managing or ensuring PCI DSS compliance. It begins by introducing the Payment Card Industry Data Security Standard (PCI DSS), explaining its importance, and the regulatory framework that governs it. Readers will understand how to assess their organization’s compliance status and the vital steps to avoid data breaches. The book offers a comprehensive exploration of compliance programs and how organizations can design their own effective strategies.The text then dives into the specifics of PCI DSS, focusing on its core components and requirements. Key chapters describe how to comply with and maintain compliance, as well as how to use tools like the PCI self-assessment questionnaire (SAQ). Real-world case studies of cardholder data breaches highlight the consequences of non-compliance. Readers will also learn about the integration of PCI DSS with other standards like ISO/IEC 27001.Throughout, this guide emphasizes practical advice for implementing key security frameworks such as the Software Security Framework (SSF) and Point-to-Point Encryption (P2PE). By the end of the book, readers will have a clear roadmap to not only meet but sustain PCI DSS compliance and strengthen their organization's data security practices.

Practical IT Service Management. A concise guide for busy executives

IT Governance Publishing, Thejendra B.S

This book provides a detailed guide to IT service management (ITSM), centered around the ITIL framework to enhance IT service delivery. It starts by introducing foundational concepts such as IT services, common challenges in IT departments, and the evolution of ITIL, particularly the 2011 edition. The early chapters cover core topics like service strategy, design, and the ITIL lifecycle, offering a strong foundation for understanding how ITIL aligns with business objectives.As the book progresses, it delves into key ITIL processes such as service desk management, incident management, problem management, change and release management, and service asset management. Each chapter explains the roles, responsibilities, and best practices for each process, providing actionable advice and real-world examples for effective application. These sections focus on improving service efficiency and handling IT challenges.The final chapters address advanced topics like service level management, financial management, supplier management, and service continuity. These insights help readers manage resources, build vendor relationships, and ensure business continuity. By the end, readers will be equipped to apply ITIL to optimize IT operations, align them with business needs, and drive continuous improvement.

Securing Cloud Services. A Comprehensive Approach to Safeguarding Cloud Infrastructure, Services, and Data

IT Governance Publishing, Lee Newcombe

Cloud computing plays a critical role in modern business, but with it comes a host of security challenges. This book explores the intricacies of securing cloud services, starting with foundational concepts of cloud computing and moving into specific service and deployment models. It provides insights into balancing security benefits with potential risks such as availability issues, shadow IT, and information leakage. The book goes on to focus on security threats, from hackers and insiders to government entities, while offering strategies to mitigate these risks. The practical approach continues with a deep dive into security architecture, providing a structured model to secure cloud environments across IaaS, PaaS, SaaS, and more. Further, it examines the regulatory landscape, including compliance requirements, privacy concerns, and data protection laws that impact cloud service security. Finally, the book concludes with projections about the future of cloud security and emerging challenges. Readers will gain not only the theoretical foundations but also real-world insights that they can apply to strengthen their cloud service security.

Service Integration and Management (SIAM(TM)) Foundation Body of Knowledge (BoK). SIAM Frameworks from Ecosystem to Practices for Successful Service Integration

IT Governance Publishing, Claire Agutter

This book offers a detailed exploration of Service Integration and Management (SIAM™), providing insights into its frameworks, structures, and practical applications. It starts by covering the core principles of SIAM™, from its historical context to its role in optimizing service integration across multiple providers. The book then dives into the SIAM roadmap, outlining key stages such as discovery, strategy, planning, and execution, all essential for successful service management.Readers will gain an understanding of different SIAM structures, including externally sourced, internally sourced, and hybrid models, along with their respective advantages and challenges. It also explores how SIAM aligns with other service management practices like ITIL, COBIT, Lean, and Agile, offering a comprehensive approach to managing complex service ecosystems.The book places special emphasis on the roles and responsibilities within a SIAM ecosystem, including those of service providers, integrators, and customers. It also highlights the importance of cultural change, collaboration, and governance for effective SIAM implementation.Finally, readers will learn to identify and address common challenges and risks, equipping them with strategies to overcome obstacles and ensure smooth integration within their organization.

Service Integration and Management (SIAM(TM)) Professional Body of Knowledge (BoK). A structured approach to implementing and sustaining SIAM across complex service ecosystems

IT Governance Publishing, Claire Agutter

This book outlines a structured progression for implementing Service Integration and Management (SIAM) within complex, multi-vendor environments. It begins by defining SIAM principles, roles, layers, and structural models to establish a shared understanding of its purpose and scope.The roadmap then unfolds in four key stages. The Discovery & Strategy phase focuses on analyzing the current state, setting strategic drivers, and establishing governance foundations. In Plan & Build, the book guides readers through designing the SIAM model, sourcing structures, contracts, and process frameworks. The Implement stage addresses onboarding, transition planning, and applying change management across stakeholder groups. Finally, Run & Improve centers on operating the governance model, managing performance, conducting audits, and enabling continuous service development.Each chapter links practical methods with decision-making considerations, offering a reference for teams planning, launching, or refining a SIAM approach. The content is organized to support structured adoption while allowing flexibility for varied organizational contexts.

Ten Steps to ITSM Success. A Practitioner's Guide to Enterprise IT Transformation

IT Governance Publishing, Angelo Esposito, Timothy Rogers

This book provides a strategic framework for ITSM implementation, focusing on structured planning, role definition, process standardization, and ongoing performance assessments. With each chapter focusing on a critical aspect of ITSM, readers will gain the tools and knowledge needed to optimize service management practices and achieve long-term success. By the end of the book, IT leaders will understand how to build a robust ITSM program that aligns with business goals and drives continuous improvement.The book begins by setting the stage for ITSM implementation, helping readers assess the current state of services and plan their next steps. As the journey progresses, the book delves deeper into organizational changes, process development, and defining roles, ensuring that all stakeholders are aligned with the ITSM strategy.In the final chapters, the book focuses on deployment, continual improvement, and the importance of using metrics such as the balanced scorecard to ensure the ITSM framework is sustainable and continuously evolving. Readers will also learn how to handle operational sustainment and improve service delivery over time.

The Art of Cyber Security. A practical guide to winning the war on cyber crime

IT Governance Publishing, Gary Hibberd

This book redefines cyber security through the lens of creativity and classical strategy. It begins by exploring the mindset of the cyber defender as both artist and martial artist, highlighting the importance of intuition, flow, and individual perspective. It challenges rigid educational models and argues for a more adaptive, expressive approach to security thinking.Building on this foundation, the second part interprets Sun Tzu’s The Art of War in a cyber context. Each chapter reframes traditional military concepts—deception, preparation, leadership, and adaptability—through the realities of digital threats. The text emphasizes how timeless strategies apply to the modern information battlefield.By blending philosophy, history, and practical insight, the book offers a unique take on digital defense. It invites readers to reflect on their approach, question assumptions, and embrace both logic and creativity. This is not just a guide to threats and tactics, but a call to rethink what it means to be a cyber security professional today.

The California Privacy Rights Act (CPRA). An implementation and compliance guide

IT Governance Publishing, Preston Bukaty

This comprehensive guide to the California Privacy Rights Act (CPRA) explores its impact on businesses and consumers within California. The book begins with a clear explanation of CPRA’s territorial and material jurisdiction, providing readers with an understanding of where and how the law applies. It delves into key definitions critical for businesses and individuals alike, covering terms such as personal information, pseudonymization, and consumer rights. One of the focal points of the book is the examination of the rights granted to consumers, including the right to access, delete, and opt-out of data sales. Alongside this, it addresses the business obligations, such as the need for privacy notices and compliance with security requirements. The book also offers an analysis of penalties for non-compliance and breach notification procedures, making it an essential resource for understanding the legal landscape of consumer privacy in California. It concludes with an overview of related laws that further influence how businesses must manage customer data.

The Cyber Security Handbook. Prepare, respond, and recover from cyber attacks using the IT Governance Cyber Resilience Framework

IT Governance Publishing, Alan Calder

This book offers a deep dive into cybersecurity, equipping professionals with tools and frameworks to protect organizations from diverse cyber threats. It covers critical areas such as information security, cyber resilience, and the regulatory and contractual requirements organizations must meet. The book delves into threat anatomy, analyzing technical, human, physical, and third-party vulnerabilities, and includes real-world case studies like the TalkTalk breach and WannaCry ransomware attack.It also emphasizes third-party risk management to ensure robust security practices across all areas. The book introduces the IT Governance Cyber Resilience Framework (CRF), a structured method for managing critical systems, guiding readers through the processes of identification, detection, response, recovery, and continual improvement. Practical strategies in areas like asset management, network security, and staff training are included.The final section offers actionable steps for implementing cybersecurity practices and introduces reference frameworks like NIST and ISO 27001 for compliance and ongoing improvement. With real-world examples and actionable frameworks, this guide is essential for professionals aiming to enhance their organization's cyber resilience.

The Power of the Agile Business Analyst. 30 surprising ways a business analyst can add value to your Agile development team

IT Governance Publishing, Jamie Lynn Cooke

Agile frameworks have revolutionized the way business analysis is integrated into projects, but the role of the Agile business analyst is still evolving. This book explores how business analysts can thrive within Agile teams, offering insights into both the challenges and opportunities they face. By understanding the power and limitations of Agile, the reader will gain practical tools to not only survive but thrive in an Agile environment. The text outlines why having a dedicated Agile business analyst is crucial and provides actionable advice on how to build the right team and minimize risks. The author goes beyond theory to offer concrete steps that help business analysts add value to Agile projects. The reader will walk away with a deep understanding of the evolving Agile landscape, including the critical role of business analysis and practical tips for improving team dynamics, managing risks, and maximizing value. This book is perfect for professionals looking to integrate Agile business analysis into their teams and projects to achieve better outcomes and continuous improvement.

The Ransomware Threat Landscape. Prepare for, recognise and survive ransomware attacks

IT Governance Publishing, Alan Calder

The Ransomware Threat Landscape offers an in-depth examination of ransomware, explaining how it works, its modes of access, and the consequences of attacks. The book begins by detailing the mechanisms of ransomware, how cybercriminals exploit vulnerabilities, and the damage it causes to organizations. It further explores the types of ransomware, their infection methods, and how attackers use ransomware for financial gain.The guide provides practical, actionable advice on basic and advanced cybersecurity measures to protect against ransomware. Topics like cybersecurity hygiene, staff awareness, and the importance of creating an anti-ransomware program are covered. The book emphasizes the role of a well-structured risk management framework and its application in preventing attacks and mitigating fallout from infections.For organizations of all sizes, the book offers tailored controls to strengthen defenses. It also explains the steps needed for a comprehensive recovery plan. Advanced prevention strategies for larger enterprises are discussed, making this guide suitable for IT professionals, security experts, and organizational leaders aiming to protect their systems from ransomware threats.

The Security Consultant's Handbook. Essential Strategies for Building and Managing a Security Consulting Business

IT Governance Publishing, Richard Bingley

Becoming a successful security consultant requires a unique set of skills that span both the business and security worlds. This handbook serves as a practical guide to help professionals navigate the complex landscape of security consulting. It covers everything from the entrepreneurial aspects of starting a business to the essential security disciplines like private investigations, information security, and protective security. You’ll also explore the growing importance of resilience in both personal and organizational contexts.The book also delves into the crucial elements of security legislation and regulation, offering a thorough understanding of the legal frameworks that affect security professionals. From UK human rights laws to international laws related to corporate management and conflict, readers will gain the knowledge necessary to operate securely and legally in a variety of environments. Whether you are just starting out or looking to refine your security consulting expertise, this handbook provides the insights needed to thrive in the ever-evolving security industry. It’s a must-read for anyone seeking to build a reputation as a trusted expert in the security consulting field.

The Service Desk Handbook. A guide to service desk implementation, management and support

IT Governance Publishing, Sanjay Nair

This book provides practical insights into service desk management, focusing on building and optimizing a service desk to meet organizational needs. It starts with an understanding of the service desk's role, mission, and vision, laying the foundation for effective operations. It covers strategic planning for a well-structured service desk, focusing on staffing, SLAs, and using knowledge bases and self-service portals.The book discusses essential tools and technologies like telephony systems and ITSM tools, and how to configure them for efficiency. It emphasizes developing high-performance teams focused on respect, integrity, and teamwork, highlighting the importance of clear documentation, such as standard operating procedures and incident management, to ensure consistency in service delivery.Performance measurement is emphasized with strategies for tracking success using CSFs, KPIs, and customer satisfaction metrics. It explores both qualitative and quantitative evaluations to improve service desk performance.Finally, it examines emerging trends such as AI and chatbots, and their integration into service desk operations. The last chapters offer professional tips, techniques for root cause analysis, and provide a roadmap to optimize service desk operations for future success.

The Universal Service Desk (USD). Implementing, controlling, and improving service delivery

IT Governance Publishing, Brian Johnson, Léon-Paul de Rouw

This book is your go-to guide to mastering the Universal Service Desk (USD) for improving service management. The reader will understand USD's role in enterprises, delve into its design process, and learn how to use it for effective customer service and business operations. With practical examples and industry case studies, this book offers deep insights into the application of the USD for organizational success.The book begins by introducing the USD concept, highlighting its importance in streamlining service delivery and enhancing customer satisfaction. It outlines how a demand-oriented approach can be implemented across various business environments, optimizing workflows from front-office interactions to back-office coordination. Through the chapters, readers will learn to adapt USD to meet the evolving needs of enterprises.The final chapters focus on advanced practices such as improving service quality, managing virtual USD platforms, and aligning service desk operations with business goals. By following the structured approach outlined, you’ll gain the tools to create a USD that delivers measurable value, fosters seamless communication, and aligns with organizational priorities.

Well-being in the workplace. A guide to resilience for individuals and teams

IT Governance Publishing, Sarah Cook

This book explores the critical role of resilience in workplace well-being, offering practical tools to enhance physical, emotional, mental, and social health. It begins by defining resilience and its importance, especially in the wake of the pandemic, and explains how it impacts both individuals and teams. Early chapters focus on self-assessment, helping readers gauge their resilience and stress levels, while providing actionable steps for improvement.The book then dives into specific areas of well-being, such as physical health, emotional management, and mental strategies like positive thinking and mindfulness. It emphasizes the significance of social connections and offers practical advice for building support networks in a virtual world. For managers, there are strategies to foster resilience in their teams, from regular communication to promoting well-being initiatives.Each chapter is filled with case studies, self-assessment tools, and reflection points, ensuring readers can apply concepts directly to their work environment. The final section ties everything together with tips on making new resilience habits stick, reinforcing long-term well-being in the workplace.