Verleger: IT Governance Publishing
ISO 27001/ISO 27002. A guide to information security management systems
IT Governance Publishing, Alan Calder
This comprehensive guide demystifies the ISO 27001 and ISO 27002 standards, offering a clear roadmap to understanding, implementing, and managing an Information Security Management System (ISMS). It begins with foundational concepts, a history of ISO 27001, and introduces the ISO 27000 family. The book proceeds to cover the PDCA cycle, Annex SL structure, and the significance of shall vs. should in compliance language.Core chapters walk through ISO 27001’s clauses and requirements, from organizational context and leadership to performance evaluation and continual improvement. Annex A's security controls are explored in detail, linking theory with practical application. ISO 27002 is also thoroughly reviewed to offer guidance on selecting and implementing appropriate controls.By the end of the book, readers gain a strong understanding of ISMS design, certification processes, and control mapping. This resource supports IT managers, compliance officers, and auditors seeking to align with international security standards.
ISO 50001. A strategic guide to establishing an energy management system
IT Governance Publishing, Alan Field
This guide introduces readers to the essential concepts of an Energy Management System (EnMS), with a focus on the internationally recognized ISO 50001 standard. It explains why energy management is a strategic priority, the benefits of adopting an EnMS, and how ISO 50001 plays a pivotal role in reducing energy consumption while enhancing environmental sustainability.The book covers the essential aspects of ISO 50001, from its key definitions and principles to the PDCA (Plan-Do-Check-Act) cycle that underpins its effectiveness. It also provides practical insights on integrating ISO 50001 with ISO 14001, creating a comprehensive management system that aligns with both energy and environmental objectives. Readers will learn about the key differences between the 2011 and 2018 versions of ISO 50001 and how to successfully prepare for third-party assessments to achieve certification.Perfect for energy managers, sustainability professionals, and organizations aiming to improve their energy efficiency, this book offers a detailed roadmap for implementing ISO 50001 and achieving long-term energy savings. It also highlights the strategic advantages of integrating energy management with broader sustainability goals and environmental management practices.
IT Governance Publishing, Alan Shipman, Steve Watkins
In this book, readers will gain a comprehensive understanding of privacy information management (PIM) and the ISO/IEC 27701:2025 standards. The content begins by establishing the foundational principles of privacy and its significance in the modern data-driven world. It explores how organizations process personal information, the types of information involved, and the reasons behind its collection. Moving forward, the book delves into the implementation of PIMS controls to safeguard privacy, ensuring data is handled securely and in compliance with legal frameworks. The text also covers the application of privacy by design and by default, highlighting best practices for organizations to embed privacy throughout their systems and processes. In addition to practical guidance on managing privacy information, the book provides detailed instructions on certification and auditing processes to ensure compliance with ISO/IEC 27701 standards. By following this book, professionals will acquire the knowledge to implement effective privacy information management strategies across various business contexts.
IT Governance Publishing, Brian Johnson, Walter Zondervan
This book delves into the evolving role of IT in business transformation, covering key strategies for aligning business objectives with digital tools and technologies. It focuses on the importance of governance, efficiency, and risk management in driving IT success. Readers will discover how to build effective IT strategies, manage service delivery, and improve stakeholder engagement in a rapidly changing digital landscape. With practical frameworks and real-world case studies, it provides a roadmap for managing the complexities of digital service design, contract management, and performance. As the book progresses, it highlights the challenges and opportunities IT presents, from governance issues to innovation drivers. It concludes with actionable insights into digital readiness and transformation, equipping readers with the tools to navigate and lead in the digital age.
IT Governance. An international guide to data security and ISO 27001/ISO 27002
IT Governance Publishing, Alan Calder, Steve G...
In the modern digital landscape, information security has never been more critical. This book introduces readers to the essential components of IT governance, focusing on frameworks like ISO 27001 and strategies for managing risks in today's complex information economy. The content explores key topics like cybersecurity, risk management, information security policies, and compliance with international standards. As you progress, you’ll learn to navigate the challenges of organizing and maintaining a secure IT environment, with insights into compliance regulations, security frameworks, and governance codes. The book provides hands-on guidance on applying security controls, setting up robust information security policies, and evaluating risks. Real-world scenarios and practical applications ensure the knowledge gained is immediately applicable to professional environments.The journey culminates in an understanding of how to integrate IT governance within an organization. You’ll learn to assess vulnerabilities, implement risk management strategies, and ensure that security measures align with both business goals and regulatory requirements. The book equips readers with the tools needed to strengthen IT systems against evolving threats and to stay ahead in the information security landscape.
IT Governance Publishing, Claire Agutter
This book offers a thorough guide to ITIL® 4’s Create, Deliver, and Support (CDS) module, covering key concepts and practices for IT service management. It begins with foundational aspects of the service value system (SVS), highlighting organizational structures, roles, and collaborative cultures essential for successful service delivery. The early chapters focus on adopting a shift-left approach to resource management, helping teams prioritize efficiency and proactive problem-solving.As the book progresses, it explores the strategic planning and management of resources within the SVS, stressing the importance of continual improvement and leveraging technology to optimize service management. It also provides insight into managing value streams for new services, guiding readers on how to create, manage, and measure service value chains for improved service delivery and innovation.The later chapters address specific ITIL® practices, such as service design, incident management, problem management, and knowledge management. The book concludes with exam preparation for ITIL® 4 CDS, offering practical case studies and real-world scenarios.By the end, readers will be equipped to enhance service management processes and ensure the delivery of high-quality IT services aligned with business objectives.
IT Governance Publishing, Claire Agutter
This book explores ITIL® 4’s approach to digital strategy, starting with key concepts like digital transformation, ITIL® 4 guiding principles, and the role of technology in shaping business models. It introduces the driving forces behind change and how to align digital strategies with business goals for maximum impact.The middle chapters delve into the practical aspects of IT strategy, focusing on areas such as strategy management, governance, and continual improvement. Key topics like digital disruption, organizational viability, and strategic approaches for operational excellence are covered in-depth. The book provides a structured framework for managing risks, handling financial strategies, and fostering innovation in digital organizations.The final chapters guide readers on implementing and assessing digital strategies, from defining clear goals to establishing operational models. Practical tools, case studies, and exam preparation further enhance the reader's understanding. Ideal for IT professionals, business leaders, and strategists, this book equips them with the skills and knowledge to lead digital transformation and succeed in the modern business environment.
IT Governance Publishing, Claire Agutter
This book offers a comprehensive exploration of ITIL® 4 Direct, Plan and Improve (DPI), beginning with key concepts of governance, risk management, continual improvement, and organizational change management. It introduces the essentials of direction, planning, and improvement, guiding readers in aligning strategic goals with actionable steps. The core methods, risks, and controls crucial for effective DPI practices are explored.As you progress, the book delves into governance, risk, and compliance, emphasizing how to align objectives and establish clear decision-making frameworks. You'll learn to craft policies and controls, ensuring a robust and adaptable service management strategy. A strong focus on continual improvement equips you with practical strategies for assessing and enhancing service quality.The book also covers organizational change management (OCM), providing techniques to manage emotional and social aspects of change while aligning with business goals. You’ll gain strategies for stakeholder communication, feedback mechanisms, and values-based change management. Finally, the book discusses measurement, reporting, and optimization, showing how to map value streams, optimize workflows, and measure performance. By the end, you’ll be ready to lead DPI initiatives and drive transformation within your organization.