Disaster Recovery and Business Continuity. A quick guide for organisations and business managers

IT Governance Publishing, Thejendra B.S

This book delves into disaster recovery (DR) and business continuity (BC), offering practical strategies for organizations to prepare for and manage disruptions. It starts by defining core concepts of DR and BC, highlighting their role in crisis management. Early chapters explore business impact analysis, data protection, and risk assessment, while examining common IT and non-IT disasters like data loss, cyberattacks, and communication failures.Later sections focus on specific disaster scenarios, such as virus attacks, software failures, and data center risks, offering prevention methods and recovery plans. It also addresses human factors in DR, covering IT staff and contractor management, and the risks tied to outsourcing and project failures.In addition to IT risks, the book explores non-IT disasters, including health crises, financial challenges, and natural events, with strategies for mitigation. The final chapters provide guidance on creating and testing contingency plans, featuring checklists and mock run procedures. This book empowers readers to design, implement, and maintain effective DR and BC plans for their organization’s needs.

NIST CSF 2.0. Your essential introduction to managing cybersecurity risks

IT Governance Publishing, Andrew Pattison

This comprehensive guide introduces the origins, aims, and components of the NIST Cybersecurity Framework (CSF) 2.0. It explores the core structure including functions, categories, subcategories, and profiles, and provides detailed implementation tiers and examples.Readers are then guided through a deep dive into all six framework categories—from Govern to Recover—and learn how to develop and apply risk management strategies within an organization. The content covers NIST SP 800-53, informative references, and practical quick-start guides to help translate theory into action.The final sections offer a seven-step implementation roadmap, including gap analysis, target profiles, and continuous improvement. The book concludes by mapping the CSF to international standards like ISO 27001 and ISO 22301, offering a well-rounded and interoperable cybersecurity strategy.

The Power of the Agile Business Analyst. 30 surprising ways a business analyst can add value to your Agile development team

IT Governance Publishing, Jamie Lynn Cooke

Agile frameworks have revolutionized the way business analysis is integrated into projects, but the role of the Agile business analyst is still evolving. This book explores how business analysts can thrive within Agile teams, offering insights into both the challenges and opportunities they face. By understanding the power and limitations of Agile, the reader will gain practical tools to not only survive but thrive in an Agile environment. The text outlines why having a dedicated Agile business analyst is crucial and provides actionable advice on how to build the right team and minimize risks. The author goes beyond theory to offer concrete steps that help business analysts add value to Agile projects. The reader will walk away with a deep understanding of the evolving Agile landscape, including the critical role of business analysis and practical tips for improving team dynamics, managing risks, and maximizing value. This book is perfect for professionals looking to integrate Agile business analysis into their teams and projects to achieve better outcomes and continuous improvement.

Ten Steps to ITSM Success. A Practitioner's Guide to Enterprise IT Transformation

IT Governance Publishing, Angelo Esposito, Timothy Rogers

This book provides a strategic framework for ITSM implementation, focusing on structured planning, role definition, process standardization, and ongoing performance assessments. With each chapter focusing on a critical aspect of ITSM, readers will gain the tools and knowledge needed to optimize service management practices and achieve long-term success. By the end of the book, IT leaders will understand how to build a robust ITSM program that aligns with business goals and drives continuous improvement.The book begins by setting the stage for ITSM implementation, helping readers assess the current state of services and plan their next steps. As the journey progresses, the book delves deeper into organizational changes, process development, and defining roles, ensuring that all stakeholders are aligned with the ITSM strategy.In the final chapters, the book focuses on deployment, continual improvement, and the importance of using metrics such as the balanced scorecard to ensure the ITSM framework is sustainable and continuously evolving. Readers will also learn how to handle operational sustainment and improve service delivery over time.

Adaptable Project Management. A combination of Agile and Project Management for All (PM4A)

IT Governance Publishing, Colin Bentley

This book delves into adaptable project management, emphasizing flexibility in fast-paced environments. It introduces foundational principles, agile terminology, and proven methodologies for success. You will learn how to handle risks, plan projects carefully, and ensure progress using practical tools. The book also explores techniques for managing change and tracking progress, allowing project managers to adapt as needed. Each chapter provides insights for leading teams through complex project phases.Throughout the book, you'll gain the skills to manage projects from start to finish, applying agile methods in real-world scenarios. You'll learn to adapt to changes, manage risks, and keep projects on track. Whether you're overseeing small teams or large projects, the strategies in this book are designed to help you succeed.By the end, you will have mastered the essential skills for managing projects in dynamic, unpredictable environments. You'll be prepared to face challenges confidently, implementing adaptable project management strategies. The book promotes a forward-thinking mindset, equipping readers to lead projects with agility across diverse industries.

Integrated Measurement - KPIs and Metrics for ITSM. A narrative account

IT Governance Publishing, Daniel McLean

This book is a comprehensive guide to understanding and utilizing Key Performance Indicators (KPIs) and metrics in IT Service Management (ITSM). It starts by breaking down complex concepts into easy-to-understand ideas, ensuring even beginners can grasp the essentials of measuring IT service performance. Early chapters introduce foundational principles, helping readers recognize why KPIs matter and how they contribute to operational success.As the book progresses, it delves into the application of these metrics to optimize ITSM processes, offering strategies to tackle challenges in data collection and analysis. The text emphasizes how to identify meaningful data amidst the noise and use it to drive informed decisions. Each chapter builds on practical insights, guiding professionals through the nuances of ITSM measurement and performance enhancement.By the end, readers will have a clear understanding of how to leverage KPIs to achieve measurable improvements, create data-driven strategies, and foster a culture of continuous improvement in their organizations. With real-world examples and actionable advice, this book equips IT professionals with the tools necessary to measure success and elevate their IT service management practices.

The Cyber Security Handbook. Prepare, respond, and recover from cyber attacks using the IT Governance Cyber Resilience Framework

IT Governance Publishing, Alan Calder

This book offers a deep dive into cybersecurity, equipping professionals with tools and frameworks to protect organizations from diverse cyber threats. It covers critical areas such as information security, cyber resilience, and the regulatory and contractual requirements organizations must meet. The book delves into threat anatomy, analyzing technical, human, physical, and third-party vulnerabilities, and includes real-world case studies like the TalkTalk breach and WannaCry ransomware attack.It also emphasizes third-party risk management to ensure robust security practices across all areas. The book introduces the IT Governance Cyber Resilience Framework (CRF), a structured method for managing critical systems, guiding readers through the processes of identification, detection, response, recovery, and continual improvement. Practical strategies in areas like asset management, network security, and staff training are included.The final section offers actionable steps for implementing cybersecurity practices and introduces reference frameworks like NIST and ISO 27001 for compliance and ongoing improvement. With real-world examples and actionable frameworks, this guide is essential for professionals aiming to enhance their organization's cyber resilience.

Well-being in the workplace. A guide to resilience for individuals and teams

IT Governance Publishing, Sarah Cook

This book explores the critical role of resilience in workplace well-being, offering practical tools to enhance physical, emotional, mental, and social health. It begins by defining resilience and its importance, especially in the wake of the pandemic, and explains how it impacts both individuals and teams. Early chapters focus on self-assessment, helping readers gauge their resilience and stress levels, while providing actionable steps for improvement.The book then dives into specific areas of well-being, such as physical health, emotional management, and mental strategies like positive thinking and mindfulness. It emphasizes the significance of social connections and offers practical advice for building support networks in a virtual world. For managers, there are strategies to foster resilience in their teams, from regular communication to promoting well-being initiatives.Each chapter is filled with case studies, self-assessment tools, and reflection points, ensuring readers can apply concepts directly to their work environment. The final section ties everything together with tips on making new resilience habits stick, reinforcing long-term well-being in the workplace.

An Education in Service Management. A guide to building a successful service management career and delivering organisational success

IT Governance Publishing, David Barrow

This comprehensive guide to Service Management explores the core principles of ITSM and its crucial role in modern enterprises. It begins by introducing the fundamentals, addressing common challenges, and showcasing the strategic value service management brings to organizations. The book emphasizes practical applications and the importance of communication in building strong professional communities. As the author shares personal insights and experiences, readers gain a deeper understanding of the dynamic nature of service management.The book then shifts to career-focused content, offering guidance on how to transition service management certifications into professional opportunities and growth. By examining the personal and professional sides of service management, it provides readers with actionable steps to advance their careers, whether they are just starting or looking to deepen their expertise. The content encourages readers to see service management as not only a necessary skill but also a fulfilling career path, highlighting both its challenges and rewards.

ITIL(R) 4 High-velocity IT (HVIT). Your companion to the ITIL® 4 Managing Professional HVIT certification

IT Governance Publishing, Claire Agutter

This book guides readers through the core principles and practices of High-Velocity IT, offering a comprehensive approach to modern IT service management. It begins with foundational concepts, introducing High-Velocity IT and the essential behaviors needed for success in dynamic environments. Readers are then introduced to the digital product lifecycle and the ITIL® operating model, which emphasize the importance of service value systems and value streams in driving business outcomes.The book delves into key behaviors that support continuous improvement, including adaptability, trust, and commitment to learning. It also covers various principles and models, such as Lean, Agile, and Design Thinking, offering practical techniques to enhance IT performance.In the later chapters, the focus shifts to ensuring valuable investments, fast development, resilient operations, and co-created value. It presents techniques for achieving these objectives while aligning with ITIL® 4 practices. The final chapter prepares readers for the HVIT certification exam, consolidating key learnings and providing a solid foundation for future success in High-Velocity IT environments. This book offers both theory and practical guidance for those seeking to thrive in fast-paced, value-driven IT operations.

The Security Consultant's Handbook. Essential Strategies for Building and Managing a Security Consulting Business

IT Governance Publishing, Richard Bingley

Becoming a successful security consultant requires a unique set of skills that span both the business and security worlds. This handbook serves as a practical guide to help professionals navigate the complex landscape of security consulting. It covers everything from the entrepreneurial aspects of starting a business to the essential security disciplines like private investigations, information security, and protective security. You’ll also explore the growing importance of resilience in both personal and organizational contexts.The book also delves into the crucial elements of security legislation and regulation, offering a thorough understanding of the legal frameworks that affect security professionals. From UK human rights laws to international laws related to corporate management and conflict, readers will gain the knowledge necessary to operate securely and legally in a variety of environments. Whether you are just starting out or looking to refine your security consulting expertise, this handbook provides the insights needed to thrive in the ever-evolving security industry. It’s a must-read for anyone seeking to build a reputation as a trusted expert in the security consulting field.

Establishing an Occupational Health & Safety Management System. A practical guide to implementing ISO 45001 for better occupational health and safety

IT Governance Publishing, Naeem Sadiq

This book is designed to guide organizations through the process of establishing an Occupational Health and Safety Management System (OHSMS) based on ISO 45001. It begins by explaining the significance of ISO 45001 and its structure, providing a foundational understanding of the standard's importance in enhancing workplace health and safety. The book focuses on critical topics such as identifying workplace risks, determining legal and other regulatory requirements, and the importance of leadership and worker participation. Each section presents practical strategies and methodologies for building and implementing an effective OHSMS, ensuring a proactive safety culture. Through real-world examples and actionable insights, this book helps professionals navigate the complexities of ISO 45001, ensuring organizations meet compliance standards while fostering a safe and healthy work environment.

ISO 27001/ISO 27002. A guide to information security management systems

IT Governance Publishing, Alan Calder

This comprehensive guide demystifies the ISO 27001 and ISO 27002 standards, offering a clear roadmap to understanding, implementing, and managing an Information Security Management System (ISMS). It begins with foundational concepts, a history of ISO 27001, and introduces the ISO 27000 family. The book proceeds to cover the PDCA cycle, Annex SL structure, and the significance of shall vs. should in compliance language.Core chapters walk through ISO 27001’s clauses and requirements, from organizational context and leadership to performance evaluation and continual improvement. Annex A's security controls are explored in detail, linking theory with practical application. ISO 27002 is also thoroughly reviewed to offer guidance on selecting and implementing appropriate controls.By the end of the book, readers gain a strong understanding of ISMS design, certification processes, and control mapping. This resource supports IT managers, compliance officers, and auditors seeking to align with international security standards.

ISO 27001 Controls. Mastering ISO 27001: A Step-by-Step Guide to Effective Implementation and Auditing

IT Governance Publishing, Bridget Kenyon

This guide offers a comprehensive approach to implementing and auditing ISO 27001 controls, providing clear steps for establishing a robust Information Security Management System (ISMS). It is designed to help organizations navigate the complexities of meeting international security standards while ensuring the protection of sensitive information. The book covers every aspect of ISO/IEC 27001, from the foundational principles to practical applications of organizational, physical, and technological controls.Each chapter is carefully structured to explain the implementation of specific controls, focusing on real-world scenarios and offering actionable advice for security professionals. With detailed instructions and clear examples, readers will gain a deep understanding of the ISO 27001 framework and how to align their organizations with best practices. In addition to control implementation, the book emphasizes ongoing compliance and risk management strategies. It highlights critical areas such as incident management, supplier relationships, and data protection, ensuring readers can address security challenges at all levels. Whether new to ISO 27001 or looking to refine an existing ISMS, this book provides the tools necessary for successful information security management and compliance auditing.

ISO 14001 Step by Step. A comprehensive guide to implementing ISO 14001 environmental management standards

IT Governance Publishing, Naeem Sadiq, Asif Hayat Khan

This book offers a thorough walk-through of the ISO 14001 standard, providing practical guidance on meeting its requirements. It includes clear explanations, examples, and sample procedures to help readers understand and apply environmental management principles. By following this guide, businesses can develop effective environmental policies, measure and monitor environmental performance, and continuously improve their management systems to align with sustainability goals. The book covers everything from emergency preparedness to internal audits and management reviews. It also provides tools such as sample procedures for identifying environmental aspects, ensuring regulatory compliance, and controlling documented information. Each chapter is designed to help organizations not only achieve ISO 14001 certification but also foster a long-term commitment to sustainable environmental practices.

The California Privacy Rights Act (CPRA). An implementation and compliance guide

IT Governance Publishing, Preston Bukaty

This comprehensive guide to the California Privacy Rights Act (CPRA) explores its impact on businesses and consumers within California. The book begins with a clear explanation of CPRA’s territorial and material jurisdiction, providing readers with an understanding of where and how the law applies. It delves into key definitions critical for businesses and individuals alike, covering terms such as personal information, pseudonymization, and consumer rights. One of the focal points of the book is the examination of the rights granted to consumers, including the right to access, delete, and opt-out of data sales. Alongside this, it addresses the business obligations, such as the need for privacy notices and compliance with security requirements. The book also offers an analysis of penalties for non-compliance and breach notification procedures, making it an essential resource for understanding the legal landscape of consumer privacy in California. It concludes with an overview of related laws that further influence how businesses must manage customer data.