IT Governance Blog on IT governance, risk management, compliance and information security.

	An Introduction to Hacking & Crimeware: A Pocket Guide by Victoria Loewengart RRP: £14.95 Price: £12.95 Save: £2.00

	Illustrating PRINCE2®: Project Management in Real Terms by Susan Tuttle RRP: £39.95 Price: £29.95 Save: £10.00

	The ITSM Iron Triangle: Incidents, Changes and Problems by Daniel McLean RRP: £29.95 Price: £24.95 Save: £5.00

	Managing Business Transformation: A Practical Guide by Melanie Franklin RRP: £29.95 Price: £24.95 Save: £5.00

	Running IT like a Business: Accenture’s Step-by-Step Guide by Robert E. Kress RRP: £39.95 Price: £29.95 Save: £10.00

	Essential Time Management and Organisation: A Pocket Guide by Sarah Cook RRP: £9.95 Price: £8.95 Save: £1.00

	Compliance by Design: IT controls that work by Chong Ee RRP: £39.95 Price: £29.95 Save: £10.00

	Everything you want to know about Organisational Change by Brian Johnson RRP: £19.95 Price: £17.95 Save: £2.00

	IT Asset Management: A Pocket Survival Guide by Martyn Hobbs RRP: £9.95 Price: £8.95 Save: £1.00

	21st Century Chinese Cyberwarfare (Pre-order) by Lieutenant Colonel Hagestad RRP: £75.00 Price: £60.00 Save: £15.00 Introductory Offer!

* Better price than Amazon at the time this post was published.

Google today achieved another watershed moment by announcing it has won its largest enterprise customer. Spanish banking monolith BBVA has signed up to use google’s cloud computing service. It will provide tools for BBVA’s internal communication including well-known applications including gmail, video conferencing and google docs.

BBVA employs over 110,000 employees across 26 countries and its director of innovation, Carmen Herranz commented on the deal:

“The main goal is to promote innovation and making decisions and increase productivity. We are in a challenging market and need to make faster and more accurate decisions… and eliminate duplication…”

The way in which individuals work has changed dramatically in the last couple of years with the advent of smartphones, laptops and tablets. This has created a need for organisational information and applications to be available to employees at anytime, anywhere in the world. The old business adage that ‘time is money’ has never held more resonance, and cloud computing offers organisations the mobility, flexibility and efficiency that is required to stay ahead in the modern economy.

The banking sector has been seen as the most difficult area for cloud computing services to penetrate, due to security and confidentiality concerns. In today’s announcement, BBVA reported that all customer data would still be kept in its own data centres, however it is surely only a matter of time before these also start moving, metaphorically, skyward.

Cloud computing offers organisations many benefits, not least the fact that they only pay for the services they use. Reports suggest that the majority of companies have between 70-80% of computer power ideal and spend large portions of their IT budgets on upgrades. Sebastian Marotte, Vice President of Google Enterprise Europe, estimates that customers can save between 50%-70% by using cloud computing services.

Organisations across all sectors are realising the huge benefits that cloud computing can bring. For more information about cloud computing, and how it can help your business, click here >>>

IT Governance also offers a foundation training course in Cloud Computing. Read more about the Cloud Computing Foundation course here >>>

Source: BBC, Google

Facebook, LinkedIn, MySpace, Twitter & YouTube – these are the world’s most popular sites for people to share information, socialise and just hang out together, electronically. Blogging, Instant Messaging and Skype all play a significant role in enabling people to keep in touch with one another, wherever they are in the world.

What individuals do at home, they would like to do at work. But how should organisations regulate and manage the use, by their staff, of social media during work hours? And what sort of risks do organisations face, in terms of potential data loss, unregulated communication of confidential information, and work time?

The other part of the challenge is this: how should social media be used as part of a corporate communication and marketing strategy? How should the talents and credibility of individuals within the organisation be harnessed to position the organisation and its products or services in the best possible light? How should the organisation respond to criticism of it, whether on blogs or in a LinkedIn group?

	Social Media Governance Toolkit Comprehensive Suite of Documents and Tools for Social Media Governance. RRP: £199.95 Price: £149.95 You Save: £50.00

Train your team, boost productivity and ensure your critical data is secure with our specially priced products!

iRiver Story HD eBook Reader + 10% Off All ITGP eBooks For Life!

SafeStick + Free Awareness Posters! Secure USB stick with hardware encryption

4 pack ‘High Performace’ Soft skills book bundle Save £20 and develop your team this new year!

More fantastic festive offers

Breaking the Addiction to Process Price: £19.95

Running IT Like A Business Price: £29.95

Changing the IT Leader’s Mindset Price: £24.95

PCI Training Offer

Information Security & ISO27001 Staff Awareness e-Learning Offer

Data Protection Training Offer

Visit our festive shop to see all our fantastic offers >>

We have updated our White Paper ‘Cyber Security: a Critical Business Risk’ and it’s available for you to download right away. Download now >>

Cyber Security: a Critical Business Risk by Alan Calder

	This free white paper explores the following: UK National Security Strategy Advanced Persistent Threats Serious Organised Crime Cyber Insecurity The Fragmented Workforce Cyberbreach Costs Your Business Plan – Risk & Reward Cybersecurity Standards Cyber Resilience Seven-Step Cybersecurity Strategy IT Governance Cybersecurity Products & Solutions Free Download!

Quick Links to further information, products and services:

Advanced Persistent Threats (APT).

Cybersecurity standards kit – all four standards (ISO27001, ISO27002, ISO27031, ISO27035).

ISO27001 & Cyber Security Toolkit – implement ISO/IEC 27001, create an effective ISMS and combat cyber threats!

ISMS Implementation – Masterclass – delivers a comprehensive education in ISO27001 implementation and a recognised industry standard certification awarded by gasq and approved by the International Board for IT Governance Qualifications (IBITGQ).

www.itgovernance.co.uk/consulting.aspx – Talk to us about deploying our experienced consultants to help you review your cyber preparedness.

Penetration Testing – establishes whether or not your Internet security will actually withstand external threats, and whether or not it is adequate and is functioning correctly.

The festive season is almost upon us and we have some special products at special prices to help you and your team celebrate. You can make a difference to your team with our intelligent gift ideas which include staff training, e-learning, books and 2 fantastic offers on the iRiver – the world’s highest resolution ebook reader.

You can find a selection of our offers below.

Visit our Festive Shop to see all our fantastic offers!

iRiver + 10% Off eBooks Offer Price:£119.95 The iRiver Story HD boasts the world’s highest resolution screen, delivering crystal clear text even in bright sunlight. It reads almost any file format, has a huge battery life and can store over 1,500 books on its 2GB memory.Over the festive period we’re offering the iRiver with 10% discount on the rapidly growing range of market leading ITGP books, for life!

Train your team with our specially priced products…

Data protection staff awareness e-learning course Buy 10 and receive a free set of DPA posters worth £100

Information security staff awareness e-learning course Buy 10 and receive 10 Introduction to ISO27001 pocket guides

PCI DSS staff awareness e-learning course Buy 10 and receive a free set of 10 PCI DSS pocket guides

Fantastic stocking fillers for managers…

Breaking the Addiction to Process Price: £19.95

Running IT Like A Business Price: £29.95

Changing the IT Leader’s Mindset Price: £24.95

IT Governance’s rapidly growing training division is helping IT professionals to obtain the skills and qualifications required to develop their career whilst supporting their businesses IT projects.

Now is the last chance to book onto our training courses before the prices go up in 2012. Places are running out, so don’t delay and book today!

Over the next month we are also holding 3 free webinars. See below for more information.

	ISO27001 Certified ISMS Lead Auditor 5-9 Dec in London RRP: £1,995.00 Price: £1,195.00 You Save: £800.00

	Information Security Foundation based on ISO/IEC 27002 12 Dec in London Price: £450.00

	DPA Foundation 13 Dec in London Price: £440.00

	PCI Foundation 14 Dec in London RRP: £495.00 Price: £395.00 You Save: £100.00

	TickITplus Foundation 15-16 Dec in London RRP: £1,050.00 Price: £895.00 You Save: £155.00

	BS25999 Foundation 15 Dec in London RRP:£495.00 Price: £395.00 You Save: £100.00

Free Webinars From IT Governance

The Government has announced that it has signed up the web host Memset as one of ten company’s trialing G-Cloud services. After months of rumour about the G-Cloud project, the Government is expected to produce is G-Cloud and the G-Cloud framework in the next few weeks. The announcement re-enforces the government’s desire to award 25% of G-Cloud contracts to small and midsized enterprises (SME’s).

But What is G-Cloud?

G-Cloud is the Government’s initiative to create a secure government cloud computing infrastructure. G-cloud could potentially create huge savings as public sector bodies require the use of similar applications and services.

The Government hopes to slash £3.2 billion off its annual £16 billion ICT budget through using G-Cloud, however Memset’s MD Kate Craig-Wood said expectations could be set higher if the project was executed to its maximum potential ‘saving the government 12billion per year by 2012’.

If you want to develop your understanding of Cloud Computing, its benefits and its risks, we recommend the highly acclaimed book ‘Above The Clouds’.

We also offer a range of other Cloud Computing books >>>

The Department of Health today announced that it will dismantle the £11.4 billion NHS National Programme for IT. It comes as a cross-party committee stated that the project had proved ‘…beyond the capacity of the Department of Health to deliver and the department is no longer delivering a universal system’.

The main objective of the project was to create a single digital network with a medical record for each of the country’s 62 million people. This would allow members of the NHS to access and share patients’ details across the country and across departments. This however has not been achieved, and what has been left is a disjointed and disparate set of IT systems.

Trying to justify some of the huge expenditure and not label the entire project a failure, the Department of Health stated:

“The NPfIT achieved much in terms of infrastructure and this will be maintained, along with national applications, such as the Summary Care Record and Electronic Prescriptions Service, which are crucial to improving patient safety and efficiency. But we need to move on from a top down approach and instead provide information systems driven by local decision-making. This is the only way to make sure we get value for money and that the modern NHS meets the needs of patients.”

Existing contracts for parts of the IT programme will be honoured, and the NHS Connecting for Health – the overseer of new IT systems – will also stay. However individual hospitals, GP practices and other NHS departments will now have to source and implement their own IT systems – provided they comply with the NHS Connecting for Health structure.

This all means that NHS hospitals and GP’s will now be able to implement IT systems that work for them and their patients. Because control will be passed to localised level, this should in theory, mean a quicker and more efficient delivery of IT services. Surely they cannot be any worse than the ill-fated national project; they certainly won’t be as expensive!

IT Governance provides specialist NHS NC Connecting for Health Consultancy. Read more about our NHS N3 consultancy service here >>>

As most people in the UK will be aware, the current economic woes that beset the UK economy started with the first run on a UK bank since 1886 – the bank in question was Northern Rock.

No one seemed aware in the heady days of 2007 that the cycle of boom and bust had returned. The first anyone here knew about it was from the long queues that started to appear outside every branch of the bank with customers wanting to withdraw their hard-earned savings.

It is very rare that one can firmly grasp why these disasters occur, but it is easy to understand why Northern Rock nearly collapsed after reading The Fall of Northern Rock by Brian Walters.

Brian, previously an employee of Northern Rock, has first-hand experience of what it was like to work for the bank. In the book he remembers how the bank was so hugely successful, he also details what lead to its spectacular collapse.

Having read the book it is easy to understand why in the days of cheap credit it was easy for a financial institution to expand. It is also easy to understand why, given the massive freeze in the credit markets, why the bank collapsed so spectacularly.

The question that comes to mind have we really learnt anything from the crisis and put in place systems to prevent such things happening again?

Sure, banks are now required to hold more capital, also banking regulation has been strengthened. Even a standard has been published for UK financial organisations to follow to help them ensure they are compliant with the relevant legislation, BS 8453:2011

Me thinks we haven’t really learnt that much – may be those in positions of influence at UK financial should read this book and learn how to not repeat the same mistakes as those at Northern Rock……we’d all be better off if they did!