IT Governance Blog on IT governance, risk management, compliance and information security.

There is a standard approach towards achieving DPA compliance:

• Understand what the DPA is how it affects your business
• Identify your current level of conformance to the DPA
• Identify gaps and steps to achieve compliance
• Document your DPA policies
• Understand how to react if you suffered a data breach
• Initiate DPA staff training.

Our Complete Data Protection Toolkit contains everything you need to use this recommended approach.

Ensure you organisation avoids fines and brand damage and become DPA Compliant today!

Buy this toolkit before the end of February and get a free ICT Strategy Toolkit!

Achieving compliance with the payment card industry data security standard (PCI DSS), is not something that organisations can ignore.

Failure to comply can be costly, especially if a breach occurs. Penalties could be levied at three levels. First, for non-compliance by one or more of the card brands. Second, for the breach itself. Third, if the leaking of payment card data is part of a broader data loss event, there could be fines from other regulators, including the Information Commissioner’s Office and the Financial Services Authority.

This PCI DSS toolkit is specifically designed to assist payment card-accepting organisations become PCI DSS compliant.

This toolkit will guide you through:

• Understanding the PCI DSS Standard
• The initial PCI DSS Self-Assessment Questionnaire
• Data storage Do’s and Dont’s
• Creating a Roadmap
• Guidance on implementation and how to complete the document templates.

With this toolkit you can protect your brand and simplify the process of becoming PCI compliant.

Buy this toolkit before the end of February and get a free ICT Strategy Toolkit!

Organisations that are implementing business and IT Service Management want a trouble-free, rapid deployment approach that will maximise benefits and will minimise delays and cost. Effective management, process and procedure documentation is an essential to achieving those results.

The ITSM, ITIL^® & ISO/IEC 20000 Implementation Toolkit helps organisations implement service management and using ITIL practices to prepare for successful ISO/IEC 20000 certification. It will help organisations avoid costly trial-and-error dead-ends, and ensure everything is covered by using current ITIL best practices.

This toolkit will be particularly useful to:

• Organisations that must deliver quality services whilst meeting governance, regulatory and legal requirements.
• Organisations that can benefit from improved services and service management.
• Managers, consultants and implementers that want a quick and effective approach to setting up, implementing and improving service management.
• Assessors and auditors who are to review or audit a service management capability or service management system against the requirements of ISO/IEC 20000-1.
• People involved in procuring, in sourcing or outsourcing services.
• Projects that need to deliver IT enabled services underpinned by effective service management.
• Users of ISO/IEC 20000-5 that need to understand the implementation requirements of the 2011 edition of ISO/IEC 20000-1.

BUY this vital toolkit today and succeed in your ITSM, ITIL & ISO/IEC 20000 implementation and improvement projects!

If you’re looking to gain the PRINCE2 Foundation certificate then look no further. This ‘all-in-one’ package contains simply everything you need, covering all aspects of the PRINCE2 project management method.

Designed for those who want flexible and convenient study hours, the PRINCE2 2009 Foundation Computer Based Training is a flexible and cost-effective option.

This package contains:

• The PRINCE2 2009 Foundation CD-ROM training course – CD Includes PRINCE2 Case Study and Examination Simulator
• Our PRINCE2 trainers supply dedicated, global email and telephone support, and they can answer any PRINCE2 questions you might have
• The PRINCE2 Manual – Managing Successful Projects with PRINCE2 – 2009 Edition
• The Passing the PRINCE2 Exam Hints and Tips Book – 2009 Edition
• The PRINCE2 Process Model Wall Chart – PRINCE2:2009 Edition
• PRINCE2 Foundation Exam Fee

Buy this ‘all-in-one’ package for complete PRINCE2 Foundation Training, studying at a time, place and pace that suits you >>

Buy this ‘all-in-one’ package for complete PRINCE2 Foundation Training, studying at a time, place and pace that suits you >>

More to explore:

Quite often, Business Continuity managers hit a brick wall when implementing a Business Continuity Management System (BCMS) in line with BS25999 and fail to follow the project through correctly.

BS25999-2:2007 specifies at clause 3.4.1.1, that the BCMS must, as a minimum, contain the following documents:

• the scope and objectives of the BCMS and procedures;
• the BCM policy;
• the provision of resources;
• the competency of BCM personnel and associated training records;
• the business impact analysis;
• the risk assessment;
• the business continuity strategy;
• the incident response structure;
• business continuity plans and incident management plans;
• BCM exercising;
• the maintenance and review of BCM arrangements;
• internal audit;
• management review of the BCMS;
• preventive and corrective actions; and
• continual improvement.

With so many documents to fulfil, your BCMS can suddenly come to a standstill and the project to a halt.

Easily implement a BCMS in line with BS25999 with The BS25999 BCMS Implementation Toolkit. This toolkit contains all the document templates and guidance that will enable you to quickly and efficiently produce your own tailored versions of all these essential documents.

Buy before the end of February and get a free Olympics 2012 – Continuity & Security – Policy and Checklist!

More to explore:

Achieving ISO 27001 certification is the best way for an organisation to protect its information assets, mitigate the risk of Cyber attack (and other forms of data breach), and to win new business.

Risk assessment is critical to effective deployment of an ISO 27001 Information Security Management System (ISMS), and the hardest part of achieving ISO 27001 certification is the documentation.

A toolkit can accelerate your ISO 27001 project immensely. It enables a cost-effective route to certification readiness and the No 3 ISO27001 Comprehensive ISMS Toolkit has everything you will need.

When you use our highly practical and informative books and tools to help you tackle the project, you receive unique guidance and support for your organisation – plus, with this package, you save money.

What does this toolkit contain?

• Documentation Toolkit: a CD-ROM with nearly 450 densely packed pages of fit-for-purpose policies and procedures.
• IT Governance: a Manager’s Guide to Data Security (Soft Cover) 4th Edition.
• vsRisk^™ – the Definitive ISO/IEC27001:2005-Compliant Information Security Risk Assessment Tool.
• All three of the information security standards: ISO 27001; ISO 27002; ISO 27005.
• ISO27001 in a Windows^® Environment, Second edition (Softcover).
• LiveOnline Consultancy: a session with one of our in-house experts, ensuring your ISMS project gets off to the best possible start.

“Using the templates, was the only way that we could deliver a 1st edition ISMS in under 6 months. Our deliverable was a work in progress but miles ahead of where they would have been without the templates.”
Tim Moreton, President, Moreton & Co., airlinetechnology.net.

Accelerate your ISO27001 project with the help of this toolkit. Don’t hesitate – buy it today.

• Do you want to be able to implement ISO 20000 into any organisation?
• Do you want to know the ins and outs of the ISO 20000 standard?
• Do you want the APMG-accredited ISO 20000 Practitioner Certificate?

If you answered yes to any of these questions above, and you hold the ISO 20000 Foundation Certificate or the ITIL® Foundation certificate, then take a look at our ISO/IEC 20000 Practitioner Course.

This is the next natural step for you to take in your career. This 3-day course is ideal for all IT(SM) consultants who wish to assist organisations when preparing for audit/certification to ISO/IEC 20000.

This 3-day training covers the interpretation and application of the ISO/IEC 20000 Standard and enables practitioners to develop the Service Management capability of an organisation and assess its readiness for certification.

It has a highly practical focus and enables delegates to be immediately effective in any ISO/IEC 20000 project.

Book on the February course date and save 30%! >>

Book on the February course date and save 30%! >>

You, like every other modern business, are dependent upon IT. But are you getting the best out of your IT systems and infrastructure?

Ensuring that all your IT systems, frameworks and practices work together is a headache for most organisations. Getting the best out of them, and delivering effective and coherent systems can save you huge amounts of time, money and as importantly drive your business forward.

The IT Governance Framework Toolkit enables any organisation to create a single framework to achieve its IT strategies and objectives.

For a limited time the IT Governance framework toolkit comes with a free ICT strategy toolkit >>>

The IT Governance Framework Toolkit is compatible with ISO/IEC 38500, the international IT governance standard. The ISO/IEC 38500 Standard provides an efficient framework for IT Governance and provides business benefits including:

• Managing the organisations investment in IT responsibility
• Meet compliance requirements
• Improve the performance of the organisation
• Introduce effective project governance

If you just want to get on with improving IT governance in your organisation, and want to spend less than one day of consultant cost for dramatic improvements, then buy today.

The ICT Strategy Toolkit works hand in hand with the IT Governance toolkit and will help you ensure that your IT strategy delivers business benefit. This easy to use 24-page documentation toolkit covers all the key areas of formulating an ICT strategy. Read more about the ICT strategy toolkit here >>>