Total items: 0

Subtotal excl delivery & tax: £

IT Governance

An International Guide to Data Security and ISO 27001/ISO 27002

Implement an effective and compliant information security management system using IT governance best practice.
EAN: 9780749496951
Edition: 7
Format: 233x157
408 pages

About the book

Faced with the compliance requirements of increasingly punitive information and privacy-related regulation, as well as the proliferation of complex threats to information security, there is an urgent need for organizations to adopt IT governance best practice. IT Governance is a key international resource for managers in organizations of all sizes and across industries, and deals with the strategic and operational aspects of information security.

Now in its seventh edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems (ISMS) and protect themselves against cyber threats. The new edition covers changes in global regulation, particularly GDPR, and updates to standards in the ISO/IEC 27000 family, BS 7799-3:2017 (information security risk management) plus the latest standards on auditing. It also includes advice on the development and implementation of an ISMS that will meet the ISO 27001 specification and how sector-specific standards can and should be factored in. With information on risk assessments, compliance, equipment and operations security, controls against malware and asset management, IT Governance is the definitive guide to implementing an effective information security management and governance system.

About the authors

Alan Calder

Alan Calder is a founder-director of IT Governance Ltd, which provides IT governance and information security services through its website He is the author of Corporate Governance, IT Governance and International IT Governance, all published by Kogan Page.

More about Alan Calder

Steve Watkins

Steve Watkins is Corporate Services Manager of HMCPSI and was Head of Quality and Operations at Focus Central London and was, before that, Quality Manager at Business Link. Alan Calder and Steve Watkins were responsible for one of the first companies (BLLCP) to achieve BS 7799 registration when the standard was first promulgated in 1996. They have aided other organisations since then to implement effective information security management systems, and have been involved in the development of both the accredited certification scheme and related training standards.Steve Watkins is also director at IT Governance, Chair of the ISO/IEC 27001 User Group - the UK Chapter of the ISMS International User Group - and contracted Technical Assessor for UKAS, assessing certification bodies offering ISMS/ISO 27001 and ITSMS/ISO 20000-1 accredited certification. He sits on the UK national standards body's technical committees RM/1 (risk management), IST/33 (information technology - security techniques) and sub-committee IST/33/1 (information security management systems), and is Chair of IST/33/1 Panel 2 (certification and audits), which is responsible for the UK's contributions to standards including ISO 27006, 27007, 27008 and 27021.

More about Steve Watkins

This book is to ISO27002 what ISO27002 is to ISO27001 - it is the guidance to the standard's guidance. As such, it is the most impressively comprehensive guide to implementing ISO27001-level InfoSec in your organisation. It gives detailed understanding and insight about the motivation and purpose of the different controls that will help build a fit-for-purpose ISMS. Because of this, I chose it as the set book for the very popular Open University Introduction to InfoSec module.

Dr Jon Hall, Open University InfoSec Module Chair and Author