The Service Desk Handbook. A guide to service desk implementation, management and support

IT Governance Publishing, Sanjay Nair

This book provides practical insights into service desk management, focusing on building and optimizing a service desk to meet organizational needs. It starts with an understanding of the service desk's role, mission, and vision, laying the foundation for effective operations. It covers strategic planning for a well-structured service desk, focusing on staffing, SLAs, and using knowledge bases and self-service portals.The book discusses essential tools and technologies like telephony systems and ITSM tools, and how to configure them for efficiency. It emphasizes developing high-performance teams focused on respect, integrity, and teamwork, highlighting the importance of clear documentation, such as standard operating procedures and incident management, to ensure consistency in service delivery.Performance measurement is emphasized with strategies for tracking success using CSFs, KPIs, and customer satisfaction metrics. It explores both qualitative and quantitative evaluations to improve service desk performance.Finally, it examines emerging trends such as AI and chatbots, and their integration into service desk operations. The last chapters offer professional tips, techniques for root cause analysis, and provide a roadmap to optimize service desk operations for future success.

Information Security Risk Management for ISO 27001/ISO 27002. A Practical Guide to Risk, Assessment, and Control Selection Aligned with ISO Standards

IT Governance Publishing, Alan Calder, Steve G Watkins

This guide navigates through the essential processes of risk management within an ISO 27001/27002 framework. Beginning with foundational principles and methodologies, it systematically details every stage from assessment and analysis to treatment and review. Readers will learn how to apply both qualitative and quantitative techniques to measure impact, likelihood, and risk levels accurately.The book provides clarity on roles, policies, asset classification, and control selection, reinforced by practical tools like gap analysis and risk assessment software. Real-world scenarios and methodologies are contextualized for effective decision-making aligned with international compliance standards.By the end, readers will possess a comprehensive understanding of implementing and sustaining a risk management system that meets ISO 27001/27002 requirements, enabling them to better safeguard information assets and demonstrate regulatory accountability.

IT for Business (IT4B). From Genesis to Revolution, a Business and IT approach to Digital Transformation

IT Governance Publishing, Brian Johnson, Walter Zondervan

This book delves into the evolving role of IT in business transformation, covering key strategies for aligning business objectives with digital tools and technologies. It focuses on the importance of governance, efficiency, and risk management in driving IT success. Readers will discover how to build effective IT strategies, manage service delivery, and improve stakeholder engagement in a rapidly changing digital landscape. With practical frameworks and real-world case studies, it provides a roadmap for managing the complexities of digital service design, contract management, and performance. As the book progresses, it highlights the challenges and opportunities IT presents, from governance issues to innovation drivers. It concludes with actionable insights into digital readiness and transformation, equipping readers with the tools to navigate and lead in the digital age.

ITIL(R) 4 Direct, Plan and Improve (DPI). Your companion to the ITIL® 4 Managing Professional and Strategic Leader DPI certification

IT Governance Publishing, Claire Agutter

This book offers a comprehensive exploration of ITIL® 4 Direct, Plan and Improve (DPI), beginning with key concepts of governance, risk management, continual improvement, and organizational change management. It introduces the essentials of direction, planning, and improvement, guiding readers in aligning strategic goals with actionable steps. The core methods, risks, and controls crucial for effective DPI practices are explored.As you progress, the book delves into governance, risk, and compliance, emphasizing how to align objectives and establish clear decision-making frameworks. You'll learn to craft policies and controls, ensuring a robust and adaptable service management strategy. A strong focus on continual improvement equips you with practical strategies for assessing and enhancing service quality.The book also covers organizational change management (OCM), providing techniques to manage emotional and social aspects of change while aligning with business goals. You’ll gain strategies for stakeholder communication, feedback mechanisms, and values-based change management. Finally, the book discusses measurement, reporting, and optimization, showing how to map value streams, optimize workflows, and measure performance. By the end, you’ll be ready to lead DPI initiatives and drive transformation within your organization.

ISO 50001. A strategic guide to establishing an energy management system

IT Governance Publishing, Alan Field

This guide introduces readers to the essential concepts of an Energy Management System (EnMS), with a focus on the internationally recognized ISO 50001 standard. It explains why energy management is a strategic priority, the benefits of adopting an EnMS, and how ISO 50001 plays a pivotal role in reducing energy consumption while enhancing environmental sustainability.The book covers the essential aspects of ISO 50001, from its key definitions and principles to the PDCA (Plan-Do-Check-Act) cycle that underpins its effectiveness. It also provides practical insights on integrating ISO 50001 with ISO 14001, creating a comprehensive management system that aligns with both energy and environmental objectives. Readers will learn about the key differences between the 2011 and 2018 versions of ISO 50001 and how to successfully prepare for third-party assessments to achieve certification.Perfect for energy managers, sustainability professionals, and organizations aiming to improve their energy efficiency, this book offers a detailed roadmap for implementing ISO 50001 and achieving long-term energy savings. It also highlights the strategic advantages of integrating energy management with broader sustainability goals and environmental management practices.

Business Continuity and the Pandemic Threat. Learning from COVID-19 while preparing for the next pandemic

IT Governance Publishing, Robert A. Clark

In today’s volatile world, businesses must be prepared for crises, especially pandemics. This book offers a comprehensive guide to help organizations adapt and survive in the face of such challenges. Analyzing the COVID-19 pandemic, it explores the virus's origins, the global response, and the reasons behind widespread unpreparedness. Real-world case studies provide insights into effective strategies and missteps during the crisis.The book offers practical tools for developing a robust business continuity plan and highlights the crucial role of leadership and crisis management teams. It also covers key lessons on managing lockdowns, mitigating economic impact, and addressing the psychological and societal effects of a pandemic. Emphasizing both operational and human aspects of crisis management, the book underscores that proactive preparedness today can safeguard businesses and lives tomorrow.

The Ransomware Threat Landscape. Prepare for, recognise and survive ransomware attacks

IT Governance Publishing, Alan Calder

The Ransomware Threat Landscape offers an in-depth examination of ransomware, explaining how it works, its modes of access, and the consequences of attacks. The book begins by detailing the mechanisms of ransomware, how cybercriminals exploit vulnerabilities, and the damage it causes to organizations. It further explores the types of ransomware, their infection methods, and how attackers use ransomware for financial gain.The guide provides practical, actionable advice on basic and advanced cybersecurity measures to protect against ransomware. Topics like cybersecurity hygiene, staff awareness, and the importance of creating an anti-ransomware program are covered. The book emphasizes the role of a well-structured risk management framework and its application in preventing attacks and mitigating fallout from infections.For organizations of all sizes, the book offers tailored controls to strengthen defenses. It also explains the steps needed for a comprehensive recovery plan. Advanced prevention strategies for larger enterprises are discussed, making this guide suitable for IT professionals, security experts, and organizational leaders aiming to protect their systems from ransomware threats.

ITIL(R) 4: Digital and IT Strategy (DITS). Your companion to the ITIL® 4 strategic leader DITS certification

IT Governance Publishing, Claire Agutter

This book explores ITIL® 4’s approach to digital strategy, starting with key concepts like digital transformation, ITIL® 4 guiding principles, and the role of technology in shaping business models. It introduces the driving forces behind change and how to align digital strategies with business goals for maximum impact.The middle chapters delve into the practical aspects of IT strategy, focusing on areas such as strategy management, governance, and continual improvement. Key topics like digital disruption, organizational viability, and strategic approaches for operational excellence are covered in-depth. The book provides a structured framework for managing risks, handling financial strategies, and fostering innovation in digital organizations.The final chapters guide readers on implementing and assessing digital strategies, from defining clear goals to establishing operational models. Practical tools, case studies, and exam preparation further enhance the reader's understanding. Ideal for IT professionals, business leaders, and strategists, this book equips them with the skills and knowledge to lead digital transformation and succeed in the modern business environment.

Practical IT Service Management. A concise guide for busy executives

IT Governance Publishing, Thejendra B.S

This book provides a detailed guide to IT service management (ITSM), centered around the ITIL framework to enhance IT service delivery. It starts by introducing foundational concepts such as IT services, common challenges in IT departments, and the evolution of ITIL, particularly the 2011 edition. The early chapters cover core topics like service strategy, design, and the ITIL lifecycle, offering a strong foundation for understanding how ITIL aligns with business objectives.As the book progresses, it delves into key ITIL processes such as service desk management, incident management, problem management, change and release management, and service asset management. Each chapter explains the roles, responsibilities, and best practices for each process, providing actionable advice and real-world examples for effective application. These sections focus on improving service efficiency and handling IT challenges.The final chapters address advanced topics like service level management, financial management, supplier management, and service continuity. These insights help readers manage resources, build vendor relationships, and ensure business continuity. By the end, readers will be equipped to apply ITIL to optimize IT operations, align them with business needs, and drive continuous improvement.

Cyber Essentials. A guide to the Cyber Essentials and Cyber Essentials Plus certifications

IT Governance Publishing, Alan Calder

This book is a practical guide to achieving Cyber Essentials certification, a key step in protecting your organization from cyber threats. It starts with an overview of the Cyber Essentials scheme and explains why certification is crucial. The book covers common cyber attacks like ransomware, social engineering, and denial of service, helping you understand potential threats.It then explores essential technical controls needed for certification, such as firewalls, secure configurations, user access control, and malware protection. It also highlights best practices like managing security updates to keep systems secure. Each chapter offers actionable advice on implementing these controls, emphasizing their role in strengthening your cybersecurity framework.The book concludes with a detailed look at the Cyber Essentials certification process. It guides you through preparing for certification, completing the checklist, and undergoing the assessment. Additional resources and tips for Cyber Essentials Plus certification are included for those seeking further guidance.This comprehensive guide provides the knowledge and tools to secure your organization, achieve certification, and maintain strong cybersecurity resilience.

ITIL(R) 4 Essentials. Your essential guide for the ITIL® 4 Foundation exam and beyond

IT Governance Publishing, Claire Agutter

The ITIL® 4 Essentials guide offers a comprehensive introduction to IT service management, focusing on ITIL® 4 practices and principles. Readers gain an understanding of the four dimensions of service management—organizations, people, information, technology, partners, and suppliers—which are key to delivering effective IT services.The guide highlights ITIL® 4’s seven guiding principles, such as focusing on value, collaborating, and working holistically. These principles are essential for creating effective service management strategies. Readers will learn how to integrate these principles into their daily operations, leading to enhanced service delivery and better alignment with business goals. Additionally, the book explores the importance of the Service Value System (SVS) and the Service Value Chain, offering a detailed look at how these frameworks drive continuous improvement and value creation.Lastly, the book covers essential ITIL® 4 practices like continual improvement, change management, and incident management. Each practice is explored in depth, providing practical guidance for implementation. The final chapters offer exam preparation tips, ensuring readers are ready for the ITIL® Foundation exam, with sample questions and strategies for success.

Securing Cloud Services. A Comprehensive Approach to Safeguarding Cloud Infrastructure, Services, and Data

IT Governance Publishing, Lee Newcombe

Cloud computing plays a critical role in modern business, but with it comes a host of security challenges. This book explores the intricacies of securing cloud services, starting with foundational concepts of cloud computing and moving into specific service and deployment models. It provides insights into balancing security benefits with potential risks such as availability issues, shadow IT, and information leakage. The book goes on to focus on security threats, from hackers and insiders to government entities, while offering strategies to mitigate these risks. The practical approach continues with a deep dive into security architecture, providing a structured model to secure cloud environments across IaaS, PaaS, SaaS, and more. Further, it examines the regulatory landscape, including compliance requirements, privacy concerns, and data protection laws that impact cloud service security. Finally, the book concludes with projections about the future of cloud security and emerging challenges. Readers will gain not only the theoretical foundations but also real-world insights that they can apply to strengthen their cloud service security.

PCI DSS Version 4.0.1. A guide to the payment card industry data security standard

IT Governance Publishing, Stephen Hancock

This book provides an essential resource for anyone involved in managing or ensuring PCI DSS compliance. It begins by introducing the Payment Card Industry Data Security Standard (PCI DSS), explaining its importance, and the regulatory framework that governs it. Readers will understand how to assess their organization’s compliance status and the vital steps to avoid data breaches. The book offers a comprehensive exploration of compliance programs and how organizations can design their own effective strategies.The text then dives into the specifics of PCI DSS, focusing on its core components and requirements. Key chapters describe how to comply with and maintain compliance, as well as how to use tools like the PCI self-assessment questionnaire (SAQ). Real-world case studies of cardholder data breaches highlight the consequences of non-compliance. Readers will also learn about the integration of PCI DSS with other standards like ISO/IEC 27001.Throughout, this guide emphasizes practical advice for implementing key security frameworks such as the Software Security Framework (SSF) and Point-to-Point Encryption (P2PE). By the end of the book, readers will have a clear roadmap to not only meet but sustain PCI DSS compliance and strengthen their organization's data security practices.

Service Integration and Management (SIAM(TM)) Foundation Body of Knowledge (BoK). SIAM Frameworks from Ecosystem to Practices for Successful Service Integration

IT Governance Publishing, Claire Agutter

This book offers a detailed exploration of Service Integration and Management (SIAM™), providing insights into its frameworks, structures, and practical applications. It starts by covering the core principles of SIAM™, from its historical context to its role in optimizing service integration across multiple providers. The book then dives into the SIAM roadmap, outlining key stages such as discovery, strategy, planning, and execution, all essential for successful service management.Readers will gain an understanding of different SIAM structures, including externally sourced, internally sourced, and hybrid models, along with their respective advantages and challenges. It also explores how SIAM aligns with other service management practices like ITIL, COBIT, Lean, and Agile, offering a comprehensive approach to managing complex service ecosystems.The book places special emphasis on the roles and responsibilities within a SIAM ecosystem, including those of service providers, integrators, and customers. It also highlights the importance of cultural change, collaboration, and governance for effective SIAM implementation.Finally, readers will learn to identify and address common challenges and risks, equipping them with strategies to overcome obstacles and ensure smooth integration within their organization.

Cyber Resilience. A Comprehensive Guide to Understanding and Implementing Cybersecurity Principles

IT Governance Publishing, Alan Calder

In today’s rapidly evolving digital landscape, cybersecurity is essential for protecting organizations from cyber threats. This book provides a thorough guide to building cyber resilience, starting with an in-depth understanding of the ever-changing cyber threat landscape. It covers foundational principles such as risk management, security controls, and defense-in-depth strategies, giving readers the knowledge needed to secure digital systems effectively.The book then delves into actionable cybersecurity controls, offering insights on asset management, identity and access control, encryption, and incident response management. Each section includes practical tips for implementation, ensuring that readers can apply these strategies in real-world scenarios. The goal is to help organizations not only understand cybersecurity but also to establish robust security policies and protocols to prevent and mitigate potential risks.Finally, the book emphasizes the importance of continual improvement and monitoring to maintain a resilient cybersecurity framework. It highlights the need for regular audits, vulnerability scanning, and staff training to adapt to new threats. By the end, readers will be equipped to build and sustain a resilient cybersecurity strategy that ensures long-term protection and business continuity.

The Art of Cyber Security. A practical guide to winning the war on cyber crime

IT Governance Publishing, Gary Hibberd

This book redefines cyber security through the lens of creativity and classical strategy. It begins by exploring the mindset of the cyber defender as both artist and martial artist, highlighting the importance of intuition, flow, and individual perspective. It challenges rigid educational models and argues for a more adaptive, expressive approach to security thinking.Building on this foundation, the second part interprets Sun Tzu’s The Art of War in a cyber context. Each chapter reframes traditional military concepts—deception, preparation, leadership, and adaptability—through the realities of digital threats. The text emphasizes how timeless strategies apply to the modern information battlefield.By blending philosophy, history, and practical insight, the book offers a unique take on digital defense. It invites readers to reflect on their approach, question assumptions, and embrace both logic and creativity. This is not just a guide to threats and tactics, but a call to rethink what it means to be a cyber security professional today.