Publisher: K-i-s-publishing
ISO 27001/ISO 27002. A guide to information security management systems
IT Governance Publishing, Alan Calder
This comprehensive guide demystifies the ISO 27001 and ISO 27002 standards, offering a clear roadmap to understanding, implementing, and managing an Information Security Management System (ISMS). It begins with foundational concepts, a history of ISO 27001, and introduces the ISO 27000 family. The book proceeds to cover the PDCA cycle, Annex SL structure, and the significance of shall vs. should in compliance language. Core chapters walk through ISO 27001’s clauses and requirements, from organizational context and leadership to performance evaluation and continual improvement. Annex A's security controls are explored in detail, linking theory with practical application. ISO 27002 is also thoroughly reviewed to offer guidance on selecting and implementing appropriate controls. By the end of the book, readers gain a strong understanding of ISMS design, certification processes, and control mapping. This resource supports IT managers, compliance officers, and auditors seeking to align with international security standards.
ISO 50001. A strategic guide to establishing an energy management system
IT Governance Publishing, Alan Field
This guide introduces readers to the essential concepts of an Energy Management System (EnMS), with a focus on the internationally recognized ISO 50001 standard. It explains why energy management is a strategic priority, the benefits of adopting an EnMS, and how ISO 50001 plays a pivotal role in reducing energy consumption while enhancing environmental sustainability. The book covers the essential aspects of ISO 50001, from its key definitions and principles to the PDCA (Plan-Do-Check-Act) cycle that underpins its effectiveness. It also provides practical insights on integrating ISO 50001 with ISO 14001, creating a comprehensive management system that aligns with both energy and environmental objectives. Readers will learn about the key differences between the 2011 and 2018 versions of ISO 50001 and how to successfully prepare for third-party assessments to achieve certification. Perfect for energy managers, sustainability professionals, and organizations aiming to improve their energy efficiency, this book offers a detailed roadmap for implementing ISO 50001 and achieving long-term energy savings. It also highlights the strategic advantages of integrating energy management with broader sustainability goals and environmental management practices.
IT Governance Publishing, Alan Shipman, Steve Watkins
In this book, readers will gain a comprehensive understanding of privacy information management (PIM) and the ISO/IEC 27701:2025 standards. The content begins by establishing the foundational principles of privacy and its significance in the modern data-driven world. It explores how organizations process personal information, the types of information involved, and the reasons behind its collection. Moving forward, the book delves into the implementation of PIMS controls to safeguard privacy, ensuring data is handled securely and in compliance with legal frameworks. The text also covers the application of privacy by design and by default, highlighting best practices for organizations to embed privacy throughout their systems and processes. In addition to practical guidance on managing privacy information, the book provides detailed instructions on certification and auditing processes to ensure compliance with ISO/IEC 27701 standards. By following this book, professionals will acquire the knowledge to implement effective privacy information management strategies across various business contexts.
IT Audit Field Manual. Strengthen your cyber defense through proactive IT auditing
Lewis Heuermann
As cyber threats evolve and regulations tighten, IT professionals struggle to maintain effective auditing practices and ensure robust cybersecurity across complex systems. Drawing from over a decade of submarine military service and extensive cybersecurity experience, Lewis offers a unique blend of technical expertise and field-tested insights in this comprehensive field manual. Serving as a roadmap for beginners as well as experienced professionals, this manual guides you from foundational concepts and audit planning to in-depth explorations of auditing various IT systems and networks, including Cisco devices, next-generation firewalls, cloud environments, endpoint security, and Linux systems. You’ll develop practical skills in assessing security configurations, conducting risk assessments, and ensuring compliance with privacy regulations. This book also covers data protection, reporting, remediation, advanced auditing techniques, and emerging trends. Complete with insightful guidance on building a successful career in IT auditing, by the end of this book, you’ll be equipped with the tools to navigate the complex landscape of cybersecurity and compliance, bridging the gap between technical expertise and practical application.
IT Governance Publishing, Brian Johnson, Walter Zondervan
This book delves into the evolving role of IT in business transformation, covering key strategies for aligning business objectives with digital tools and technologies. It focuses on the importance of governance, efficiency, and risk management in driving IT success. Readers will discover how to build effective IT strategies, manage service delivery, and improve stakeholder engagement in a rapidly changing digital landscape. With practical frameworks and real-world case studies, it provides a roadmap for managing the complexities of digital service design, contract management, and performance. As the book progresses, it highlights the challenges and opportunities IT presents, from governance issues to innovation drivers. It concludes with actionable insights into digital readiness and transformation, equipping readers with the tools to navigate and lead in the digital age.
IT Governance. An international guide to data security and ISO 27001/ISO 27002
IT Governance Publishing, Alan Calder, Steve G...
In the modern digital landscape, information security has never been more critical. This book introduces readers to the essential components of IT governance, focusing on frameworks like ISO 27001 and strategies for managing risks in today's complex information economy. The content explores key topics like cybersecurity, risk management, information security policies, and compliance with international standards. As you progress, you’ll learn to navigate the challenges of organizing and maintaining a secure IT environment, with insights into compliance regulations, security frameworks, and governance codes. The book provides hands-on guidance on applying security controls, setting up robust information security policies, and evaluating risks. Real-world scenarios and practical applications ensure the knowledge gained is immediately applicable to professional environments. The journey culminates in an understanding of how to integrate IT governance within an organization. You’ll learn to assess vulnerabilities, implement risk management strategies, and ensure that security measures align with both business goals and regulatory requirements. The book equips readers with the tools needed to strengthen IT systems against evolving threats and to stay ahead in the information security landscape.
Barzan Antal Tony (Euro)
OCS Inventory NG is a cross-platform, open-source inventory and asset management solution. It brings more than plentiful features to the table to satisfy the business needs of small-to-large organizations with up to tens of thousands of computers. However, to put this inventory solution to optimum use requires a lot of skill. This book will lead you through the steps of implementing OCS-NG until you master working with it. This book aims at reducing efforts involved in resource management. The solution gives a robust foundation on top of which we can implement other third party applications, plugins, and much more. This book begins with the basics—it explains what IT inventorying needs are to be met in the real-world. Then, it covers a step-by-step approach to everything you need to know to set up and implement OCS-NG as a centralized inventory solution to meet all these requirements. It delves deeper into carrying out inventory tasks with every chapter. You will learn how to choose the best agent type and deployment method. We discuss the process of gathering inventory data and cover techniques for creating and deploying packages. You will also learn how to acquire added benefits with the use of plugins. We discuss best practices on inventorying and troubleshooting agent-related problems. The book presents real-world inventorying scenarios along with their solutions. You will basically learn how to use OCS-NG to get the most out of it. As a conclusion, if you want to learn about a free solution that fulfils inventorying necessities of the real-world, this is the book for you.
IT Governance Publishing, Claire Agutter
This book offers a thorough guide to ITIL® 4’s Create, Deliver, and Support (CDS) module, covering key concepts and practices for IT service management. It begins with foundational aspects of the service value system (SVS), highlighting organizational structures, roles, and collaborative cultures essential for successful service delivery. The early chapters focus on adopting a shift-left approach to resource management, helping teams prioritize efficiency and proactive problem-solving. As the book progresses, it explores the strategic planning and management of resources within the SVS, stressing the importance of continual improvement and leveraging technology to optimize service management. It also provides insight into managing value streams for new services, guiding readers on how to create, manage, and measure service value chains for improved service delivery and innovation. The later chapters address specific ITIL® practices, such as service design, incident management, problem management, and knowledge management. The book concludes with exam preparation for ITIL® 4 CDS, offering practical case studies and real-world scenarios. By the end, readers will be equipped to enhance service management processes and ensure the delivery of high-quality IT services aligned with business objectives.