Alan Calder

IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT (eBook, ePUB)

• Format: ePub

Produktbeschreibung

Use an IT Governance strategy to reduce riskAn Introduction for Directors and IT professionalsThe modern organisation is increasingly working within the context of corporate governance. The subject dictates their day-to-day and strategic activities, especially corporate information asset risk management and investment, and the ICT infrastructure within which those information assets are collected, manipulated, stored and deployed.But what is corporate governance, and why is it important to the IT professional? Why is IT governance important to the company director, and what do directors of companies - both quoted and unquoted - need to know?The Calder-Moir FrameworkThe book also explains how to integrate each standard and framework using The Calder-Moir Framework (download for free from www.itgovernance.co.uk/calder_moir.aspx), which was developed specifically to help organisations manage and govern their IT operations more effectively, and to coordinate the sometimes wide range of overlapping and competing frameworks and standards. It also specifically supports implementation of ISO/IEC 38500, the international standard for best practice IT governance.Practical IT Governance guidanceBoard executives and IT professionals can learn to maximise their use of the numerous IT management and IT governance frameworks and standards - particularly ISO/IEC 38500 - to best corporate and commercial advantage.Build an IT Governance FrameworkWithin a 'super framework', or 'meta -framework', you can integrate each of these standards and frameworks whilst making sure that each can deliver what it was designed to do. Developing an overarching framework will enable your organisation to design IT governance to meet your own needs.

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

Produktdetails

• Verlag: IT Governance Publishing
• Seitenzahl: 209
• Erscheinungstermin: 13. März 2009
• Englisch
• ISBN-13: 9781905356911
• Artikelnr.: 38363167

Autorenporträt

Alan Calder founded IT Governance Ltd in 2002 and began working full-time for the company in 2007. He is now Group CEO of GRC International Group PLC, the AIM-listed company that owns IT Governance Ltd. Before this, Alan had a number of roles including CEO of Business Link London City Partners (a government agency focused on helping growing businesses to develop) from 1995 to 1998, CEO of Focus Central London (a training and enterprise council) from 1998 to 2001, and CEO of Wide Learning (a supplier of e-learning) from 2001 to 2003 and the Outsourced Training Company (2005). He was also chairman of CEME (a public-private sector skills partnership) from 2006 to 2011. Alan is an acknowledged international cyber security guru and a leading author on information security and IT governance issues. He has been involved in the development of a wide range of information security management training courses that have been accredited by ITBITGQ (International Board for IT Governance Qualifications). Alan has consulted for clients in the UK and abroad, and is a regular media commentator and speaker.

Inhaltsangabe

Chapter
01: Why is information security necessary?; Chapter
02: The UK combined code, the FRC risk guidance and Sarbanes
Oxley; Chapter
03: ISO27001; Chapter
04: Organizing information security; Chapter
05: Information security policy and scope; Chapter
06: The risk assessment and Statement of Applicability; Chapter
07: Mobile devices; Chapter
08: Human resources security; Chapter
09: Asset management; Chapter
10: Media handling; Chapter
11: Access control; Chapter
12: User access management; Chapter
13: System and application access control; Chapter
14: Cryptography; Chapter
15: Physical and environmental security; Chapter
16: Equipment security; Chapter
17: Operations security; Chapter
18: Controls against malicious software (malware); Chapter
19: Communications management; Chapter
20: Exchanges of information; Chapter
21: System acquisition, development and maintenance; Chapter
22: Development and support processes; Chapter
23: Supplier relationships; Chapter
24: Monitoring and information security incident management; Chapter
25: Business and information security continuity management; Chapter
26: Compliance; Chapter
27: The ISO27001 audit