Archive for the ‘IT Governance’ Category

IT Governance Framework Toolkit Offer Soon to Expire

August 25th, 2010 by James Warren

Time is running out to make the most of our August IT Governance Framework Toolkit – Special Offer. Purchase before the end of August and receive 4 free e-books!

IT Governance Framework Toolkit – Special Offer

  1. IT Governance: A Pocket Guide FREE!
  2. IT Governance to Drive High Performance: Lessons from Accenture FREE!
  3. ISO/IEC 38500 The IT Governance Standard – Pocket Guide FREE!
  4. IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT FREE!

(more…)

Third off Digital Forensics Course in August

August 19th, 2010 by James Warren

Our Digital Forensics Training Course provides critical advice to enable you to fulfill the Cabinet Office ‘minimum mandatory measures’ requirement to have a ‘forensic readiness policy’, covering issues to consider in defining a strategy, identifying responsibilities and putting the required arrangements in place.

The next course will take place in London on 21 September and delegates that book before the end of August can save a third off the list price to save £200!

Digital Forensics Training Course

Digital Forensics Training Course

For IT Directors and CISOs through to IT Managers, this one day course is the perfect introduction to Digital Forensics and Forensic Readiness. Given the HM Government’s ‘minimum mandatory measures’ for information assurance, it is also ideal for Senior Information Risk Owners (SIROs) and those tasked with introducing an information security incident response regime.

What does this digital forensics course cover?

  • Digital Forensics – the art and science of digital forensics is explained. You will get an introduction to the basics of digital forensics as a discipline, plus an instructive overview of the types of information that can be found on computers, mobile phones and other forms of digital media. This includes passwords, Google searches, web-surfing history, deleted documents and e-mails.
  • Preventing Data Leakage - you will learn how to minimise the risk of data loss without necessarily spending thousands on technology. You will learn practical solutions to help prevent both accidental and deliberate data security breaches. High-technology techniques that are used for Data Hiding will be revealed and discussed.
  • Dealing with computer incidents in the workplace - you will learn how to contain and limit the damage and how to preserve the evidence, including what to look for to make sure that your organisation manages the situation correctly.
  • Preparation Strategy and Forensic Readiness – security incidents present a range of challenges to first responders. Preparation and planning are the key to meeting these challenges head on. This section details vital preparations and measures that will keep volatile situations under control and so helps you plan for the inevitable data security breach.

Fulfill the Cabinet Office ‘minimum mandatory measures’ requirement to have a ‘forensic readiness policy’:

Book today to guarantee your place and save £200!

Bank fined $9.7m over poor IT governance

August 11th, 2010 by James Warren

The UK’s Financial Services Authority (FSA) last week fined the Royal Bank of Scotland Group £5.6m for ‘failing to have adequate IT systems and controls in place to prevent breaches of UK financial sanctions’. You can read more about this incident on Alan Calder’s IT Governance Blog where he states:

‘It always seems to me a pity that organisations have to be pushed, by substantial fines, to do things that have significant business benefits’.

The business benefits that Alan is referring to are particularly relevent right now as we face public sector spending cuts and struggle to recover from recession. You can read more about these benefits in a recent blog post: IT Governance and ISO38500 will help organisations during times of austerity.

Improve IT Governance in your organisation

(more…)

Extended range of ISO27001 tools and service

August 5th, 2010 by James Warren

There is a common misconception that at IT Governance, we just publish books and toolkits, or we just develop and run ISO27001 training courses, or just offer consultancy services. The fact is, we do all these things, and going by our customers’ comments, we do them very well!

The breadth of products and services we have available puts us in the unique position of being able to offer our clients the solution they require, no matter what stage of a given project they’re at. Did you know, for instance, we now offer penetration testing services?

We also deliver many of these services internationally!
(more…)

Avoid Common Social Media Pitfalls

August 4th, 2010 by James Warren

A string to any news reporter’s bow is the issue of social media and privacy. It’s rare that a week goes by without there being a news headline claiming that Facebook, Twitter, or some other social network has breached our privacy rights and are branded as immoral rouges who have set out to destroy the universe.

The reality is often very different and social media, when used correctly, is a fantastic way to communicate, share and build relationships. The very nature of social media, and what makes it so powerful, is the ability to engage your audience in one-to-one conversations, rather than the more traditional broadcast communication.

Here lie the ‘not so obvious’ risks:

Quite often, an organisation will jump into social media without a proper strategy. In order to ‘test the water’, they may create a Facebook page, sign up a new Twitter account and encourage sales and/or marketing staff to use their LinkedIn accounts to spread the word and prospect for potential leads.

As the number of followers grows, and before the organisation begins to see the benefits to using social media as a bone-fide marketing and communications channel, you could be risking your brand reputation and/or posting inappropriate content without even realising.

Organisations need to create an effective governance structure around their social media activities. They will need to identify appropriate social media objectives, as well as assign roles and responsibilities.

(more…)

Training Schedule Septemeber 2010

August 2nd, 2010 by James Warren

Our Training schedule for September 2010 is outlined below and I thought you should see it as early as possible. Spaces on these courses are limited and sell-out very quickly, in fact, a few of these courses have just been added to meet demand as we have turned people away from previous course dates!

Date Course
07 Sept Foundations of Information Security Management according to ISO 27001
10 Sept PCI DSS – 1-Day Introduction, Implementation & Compliance Masterclass
13-14 Sept BS25999 Business Continuity Management Implementation Master Class
13-14 Sept COBIT 4.1 Foundation Course
14-16 Sept ISO27001 ISMS Implementation (Lead Implementer) MasterClass
21 Sept Digital Forensics Classroom Training Course
23 Sept Understanding Business Continuity Management Best Practice & BS25999
27/09-01/10 ISO27OO1 Certificated Lead Auditor Training Course
29/09-01/10 Implementing ISO20000 (ISO20000 Consultant Certificate) Course

 

Why book an IT Governance Training Course?

  • Strength of experience: Our trainers are subject matter experts who have unrivalled experience within their field
  • Association with a leading brand: Align your organisation, and your career, with the leading name in governance, risk and compliance. Receive a training certificate from a name that will be recognised globally
  • Ease of booking: Speak to one of our advisors directly on 0845 070 1750, email servicecentre@itgovernance.co.uk or simply book online via our website at www.itgovernance.co.uk/training.aspx
  • Quality course material: Receive practical tools and resources to use throughout your learning
  • Specially selected training venues: Learn in a comfortable training environment. Our training locations are selected based on facilities and standards of service and ease of access.

Call 0845 070 1750 to discuss your requirements or to book today!

See our full range of training courses >>

Time Limited IT Governance Framework Toolkit Offer

July 28th, 2010 by James Warren

When you buy the IT Governance Framework Toolkit before the end of August 2010, we’ll send you the following 4 eBooks free:

  1. FREE! IT Governance: A Pocket Guide
  2. FREE! IT Governance to Drive High Performance: Lessons from Accenture
  3. FREE! ISO/IEC 38500 The IT governance standard – Pocket Guide
  4. FREE! IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT

The IT Governance Framework – Toolkit & Book Special Offer provides you with:


  • A single integrated framework that enables you to get the best out of:
    • CobiT,
    • ITIL,
    • ISO27001/ISO27002,
    • ISO20000,
    • Prince2,
    • PMBOK,
    • TOGAF,
    • IT Balanced Scorecards,
    • the Zachman Enterprise Architecture,
    • IT Portfolio Management,
    • IT Dashboards and so much more,

(more…)

IT Governance for USA Based Organizations

July 27th, 2010 by James Warren

If Information Technology is a part of your business, governance now extends to and includes information and the IT infrastructure that supports your business. Shareholder expectations of boards, and of the individual directors on boards, are clear:

  1. The board of directors will actually direct the management of the company, including strategic and IT business plans and fundamental structural changes
  2. The board will see to the hiring of competent and honest business and IT managers
  3. The board will understand the business of the firm and develop and monitor a business and IT strategy
  4. The board will monitor the managers as they carry out the strategy and the operations of the company
  5. When making a business decision, the board will develop a thorough understanding of the transaction and act in good faith, on an informed basis, and with a rational business purpose
  6. The board will operate with basic honesty, care, and loyalty
  7. The board will take good,faith steps to make sure the company complies with the law.

These IT governance expectations demand an appropriate IT governance framework. That can be difficult and time consuming to do from scratch.

(more…)

IT Governance and ISO38500 will help organisations during times of austerity

July 20th, 2010 by James Warren

As the UK enters its new age of austerity with public sector organisations finding draconian budget cuts, organisations must ensure that its IT function acts an enabler of business, and must be fully aligned with business objectives.

ISO/IEC 38500:2008 provides guiding principles for directors of organisations on the effective, efficient and acceptable use of information technology (IT). These principles are designed to be used within their organisations.

Key benefits of ISO38500:

  • The first international standard for IT governance
  • It provides an efficient, well-thought-through and effective framework for IT governance, leading to better alignment of IT with organisational decisions
  • Written in a generic manner, meaning that the advice and guidance in this standard is applicable no matter the size or type of organisation or whether it is in the corporate, public or not-for-profit sector
  • Advice and guidance that is provided is not only applicable to directors, but also to their associated members of staff
  • It provides essential guidance on the appropriate governance of IT to all key members of staff.

(more…)

Expanded range of governance risk and compliance toolkits

July 13th, 2010 by James Warren

Our range of governance risk and compliance toolkits has grown rapidly over the last few month so I want to take this opportunity to share this new range with you:
(more…)