IT Governance Blog on IT governance, risk management, compliance and information security.

Banks are charging higher fees by default to merchants that have not proved compliance with the payment card industry data security standard (PCI DSS). You could be paying much more than you need to – FACT!

In addition to these extra charges, the Information Commissioner’s Office (ICO), has made it absolutely clear that organisation found to be non-compliant with PCI DSS, and having suffered a data breach, will be deemed non-compliant with the data protection act (DPA) and will be fined up to £500,000. Double penalties are a very real risk, as well as reputation damage and diminished customer loyalty!

Tackle both compliance challenges together for just £600!!!

	DPA and PCI Foundation Combination Course 13-14 December 2011 in London RRP: £935.00 Price: £600 You Save: £335.00

Tackle both compliance challenges together, once and for all, this December …

This December we are holding our best selling DPA and PCI foundation courses back-to-back to allow organisations, such as yours, to get to grips with these important compliance issues.

If you book these courses separately, the cost would be £935. This combination course allows you to book for just £600, saving you £335 in the process!

Don’t miss out! Book on the PCI and DPA course now >>

Our implementation toolkits are on offer for one week only. Our unique toolkits are designed to help small and medium organisations quickly adapt and adopt best management practice in technology governance, risk management and compliance.

Until Friday 25th each toolkit comes with fantastic free resources.

Order your toolkit today!

Value Added ISO27001 ISMS Toolkit Offer + 7 Free resources

IT Governance Framework Toolkit Offer + 4 Free guides

Complete Data Protection Toolkit Offer + Free e-learning course

BS25999 BCMS Implementation Toolkit Offer + 4 Free guides

IT Governance toolkits are unique and fit for purpose – they are designed to give you the knowledge and information you need to cost-effectively implement a management system or standard and accelerate organisational learning.

View all of our current offers

This week only we’re giving away a free iRiver Story HD eBook Reader for every booking on to our December CISA and ISO 27001 Lead Auditor course – this is on top of our existing reduced prices!

CISA – Certified Information Systems Auditor Training Course 5-8 December 2011 in London.
Save £400 and get the iRiver Story HD eBook Reader free – Simply book this week!

This 4-day CISA course is the perfect intensive preparation course for the CISA exam and is run by the official UK reseller of ISACA’s CISA materials. The CISA exam changes every year, and our course is updated to reflect the latest official guidance on content and exam questions. Book Now >>

ISO27001 Certified ISMS Lead Auditor Training Course 5-9 December 2011 in London.
Save £800 and get the iRiver Story HD eBook Reader free – Simply book this week!

Jointly developed by IT Governance and Certification Europe, this course will prepare you to plan and execute audits of information security management systems in line with the international standard, ISO/IEC 27001. ISO27001 is the recognised international standard for best practice in information security management systems (ISMS) within any organisation. You will get more out of this ISO27001 Certified ISMS Lead Auditor training course than out of any other course available today! Book Now >>

	iRiver Story HD eBook Reader The slim and lightweight iRiver Story HD is the world’s highest resolution eBook reader and boasts an array of fantastic features. RRP: £124.95 Price: FREE FREE when you book the CISA training course or the ISO27001 Certified ISMS Lead Auditor training course!

Take advantage of this special offer – Book today!

See the full ITG Training Course Schedule >>

The ISO/IEC 27001:2005 Information Security standard has become a ‘de-facto’ specification and best practice framework, ensuring that organisations worldwide secure their confidential information assets and maintain their competitive position. To ensure your organisation becomes compliant and maintains the ISO27001 standard, it is crucial to train a key member of staff as a Lead Implementer and at least one other member of the team as an Internal Auditor.

	ISO27001 Training Package No.3 Combination RRP: £2,795.00 Price: £2,395 You Save: £400.00

The ISO27001 Lead Implementer is responsible for planning and managing the execution all of the major activities associated with meeting the requirements of the ISO27001 external audit. From defining the scope of the project, identifying information assets and performing a risk assessment, the role of Lead Implementer requires comprehensive knowledge and skills to achieve compliance at the first attempt.

The role of an ISO27001 Internal Auditor in an organisation is crucial to continued compliance to ISO27001 and in making sure that the internal information security requirements are maintained. Reviewing the effectiveness of security controls and recommending suitable modifications are at the heart of the continual process improvement of any successful Information Security Management System (ISMS).

The Perfect Solution:

Our ISO27001 Training Package No.3 Combination offers you the opportunity to book the ISO27001 Certified ISMS Lead Implementer and Internal Auditor training courses at a significant cost saving of £400 and the added flexibility of choosing attendance dates to meet the individual needs of your team. Both courses are available in London and Manchester and successful delegates are awarded recognised industry standard certifications by the International Board for IT Governance Qualifications (IBITGQ).

Why choose IT Governance for your ISO27001 training needs?

• Acknowledged leader in ISO27001 and Information Security Management
• The first certificated training programme of ISO27001 education
• Practical hands-on approach delivered by experienced practitioners
• Focussed on improving knowledge, developing skills and awarding certification
• Guaranteed booking – we will never cancel your IT Governance course

Ensure your organisation achieves compliance to ISO27001 and continually improves the management of information security.

Book the courses on the ISO27001 Training Package No.3 Combination now.

An investigation by the Information Commissioner’s Office (ISO), found that Rochdale Metropolitan Bourough Council breached the Data Protection Act by losing an unencrypted memory stick containing the details of over 18,000 residents.

“Storing the details of over 18,000 constituents on an unencrypted device is clearly unacceptable. This incident could have been easily avoided if adequate security measures had been in place.” – Sally Anne Poole, Acting Head of Enforcement.

The only certain way to avoid breaching the DPA is to issue all staff with encrypted memory sticks in place of ordinary ones.

Share	Looking for a secure USB stick with hardware encryption? CESG approved for use in the public sector SafeStick is a fully manageable enterprise solution when used in partnership with SafeConsole (Lite version free when you buy 25 sticks). SafeConsole allows you to kill a stick if it has gone missing. It also enables you to enforce group policies, allowing you to enforce such policies as allowing certain file types to be put on the drive whilst denying others. You can also reset passwords using SafeConsole.

We’re also providing, for free, a customisable USB stick policy and procedure templates that help implement cross-company usage of encrypted USB sticks for every order of 20 or more USB Sticks.

The free templates are:

• Encrypted USB policy statement
• Staff Acceptable Use Agreement
• Usage of USB device procedure, including roles and responsibilities.

AND, as an added bonus, we will send you a set of Information Security posters. These are fantastic for visualising the importance of information security within your business.

Avoid the ICO’s data protection undertakings, BUY SAFESTICK TODAY >>

PS. Buy over 100 SafeSticks and we’ll provide safeconsole – the central management system for USB sticks – FREE!

Our popular ISO20000 Practitioner Certificate Course will be held in London between 31st October and 2nd November 2011. The next 5 delegates to book onto this course will receive 5 FREE copies of ISO/IEC 20000: An introduction to the global standard for service management, to help their colleagues better understand the requirements of the standard.

Share	ISO20000 Practitioner Certificate Course 31 Oct – 2 Nov 2011 in london. RRP: £895.00 Price: £795 You Save: £100.00 Plus 5 free copies of ISO/IEC 20000: An introduction to the global standard for service management!

This 3-day training covers the interpretation and application of the ISO20000 Standard and enables consultants to develop the Service Management capability of an organisation and assess its readiness for certification.

UNIQUE FEATURES – NO OTHER ISO20000 COURSE PROVIDER CAN MATCH US!

Find out more and book today >>

More than 75,000 professionals in nearly 160 countries have earned the Certified Information Systems Auditor (CISA) certification since its inception in 1978. With a growing employment demand for staff possessing information security audit, control and security skills, CISA has become the preferred certification program by individuals and organisations around the world.

Put more simply – CISA certification will enhance your credibility and recognition and deliver higher earnings.

Recent research published by ISACA has found that 1,400 CISAs are now employed in organisations as the chief executive officer (CEO) or chief financial officer (CFO), while more than 7,000 serve as chief audit executives or audit consultants. In addition, 13,000 CISAs are currently employed in managerial or consulting positions in IT operations or compliance. (Source: What is CISA? – ISACA 2010)

The ITG Certified Information Systems Auditor (CISA) Training Course is designed to provide delegates with a comprehensive revision of all key subject domains and essential preparation for the CISA examinations held every year in December and June.

Share	CISA – Certified Information Systems Auditor Training Course In London EC4N December 2011 Exam Pre-Registration closes on 14th October. Book the December 2011 training course at the same time to save £200!

Why choose IT Governance to help you pass CISA

• We are dedicated to Governance, Risk and Compliance consultancy and training services
• Our trainers are also our consultants and are ISACA qualified
• We summarise the key content and highlight its relevance with practical examples
• We help you prepare for the examination with practice questions and advice
• We believe interactive classroom training to be the most effective method of training

As preparation is the essential ingredient to passing the CISA examination, we strongly recommend that all delegates purchase the ISACA Exam and Study Guides prior to taking the relevant course. IT Governance is the exclusive approved reseller of ISACA publications in the UK and all titles are available from our dedicated ISACA Certification Bookstore.

Ensure that you pass the CISA examination first time. Book the ITG Certified Information Systems Auditor (CISA) Training Course now >>