Faced with constant and fast-evolving threats to information security and with a growing exposure to cyber risk, managers at all levels and in organizations of all sizes need a robust IT governance system. Now in its sixth edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems and protect themselves against cyber threats. This version has been fully updated to take account of current cyber security and advanced persistent threats and reflects the latest regulatory and technical developments, including the 2013 updates to ISO 27001/ISO 27002.
Changes for this edition include: updates in line with the revised ISO 27001 standard and accompanying ISO 27002 code of practice for information security controls; full coverage of changes to data-related regulations in different jurisdictions and advice on compliance; guidance on the options for continual improvement models and control frameworks made possible by the new standard; new developments in cyber risk and mitigation practices; guidance on the new information security risk assessment process and treatment requirements. Including coverage of key international markets, IT Governance is the definitive guide to implementing an effective information security management and governance system.
Author Biography
Alan Calder is founder-director of IT Governance Ltd, which provides IT governance, compliance, risk management and information security books, trading tools, consultancy and training. Alan consults with companies internationally on matters relating to information security.
Steve Watkins is a director at IT Governance, Chair of the ISO/IEC 27001 User Group - the UK Chapter of the ISMS International User Group - and contracted Technical Assessor for UKAS, assessing certification bodies offering ISMS/ISO 27001 and ITSMS/ISO 20000-1 accredited certification. He sits on the UK national standards body's technical committees RM/1, IST/33 and sub-committee IST/33/1 , and is Chair of IST/33/1 Panel 2, which is responsible for the UK's contributions to standards including ISO 27006, 27007, 27008 and 27021.
