IT Governance Blog on IT governance, risk management, compliance and information security.

There is a standard approach towards achieving DPA compliance:

• Understand what the DPA is how it affects your business
• Identify your current level of conformance to the DPA
• Identify gaps and steps to achieve compliance
• Document your DPA policies
• Understand how to react if you suffered a data breach
• Initiate DPA staff training.

Our Complete Data Protection Toolkit contains everything you need to use this recommended approach.

Ensure you organisation avoids fines and brand damage and become DPA Compliant today!

Buy this toolkit before the end of February and get a free ICT Strategy Toolkit!

Achieving compliance with the payment card industry data security standard (PCI DSS), is not something that organisations can ignore.

Failure to comply can be costly, especially if a breach occurs. Penalties could be levied at three levels. First, for non-compliance by one or more of the card brands. Second, for the breach itself. Third, if the leaking of payment card data is part of a broader data loss event, there could be fines from other regulators, including the Information Commissioner’s Office and the Financial Services Authority.

This PCI DSS toolkit is specifically designed to assist payment card-accepting organisations become PCI DSS compliant.

This toolkit will guide you through:

• Understanding the PCI DSS Standard
• The initial PCI DSS Self-Assessment Questionnaire
• Data storage Do’s and Dont’s
• Creating a Roadmap
• Guidance on implementation and how to complete the document templates.

With this toolkit you can protect your brand and simplify the process of becoming PCI compliant.

Buy this toolkit before the end of February and get a free ICT Strategy Toolkit!

Organisations that are implementing business and IT Service Management want a trouble-free, rapid deployment approach that will maximise benefits and will minimise delays and cost. Effective management, process and procedure documentation is an essential to achieving those results.

The ITSM, ITIL^® & ISO/IEC 20000 Implementation Toolkit helps organisations implement service management and using ITIL practices to prepare for successful ISO/IEC 20000 certification. It will help organisations avoid costly trial-and-error dead-ends, and ensure everything is covered by using current ITIL best practices.

This toolkit will be particularly useful to:

• Organisations that must deliver quality services whilst meeting governance, regulatory and legal requirements.
• Organisations that can benefit from improved services and service management.
• Managers, consultants and implementers that want a quick and effective approach to setting up, implementing and improving service management.
• Assessors and auditors who are to review or audit a service management capability or service management system against the requirements of ISO/IEC 20000-1.
• People involved in procuring, in sourcing or outsourcing services.
• Projects that need to deliver IT enabled services underpinned by effective service management.
• Users of ISO/IEC 20000-5 that need to understand the implementation requirements of the 2011 edition of ISO/IEC 20000-1.

BUY this vital toolkit today and succeed in your ITSM, ITIL & ISO/IEC 20000 implementation and improvement projects!

Achieving ISO 27001 certification is the best way for an organisation to protect its information assets, mitigate the risk of Cyber attack (and other forms of data breach), and to win new business.

Risk assessment is critical to effective deployment of an ISO 27001 Information Security Management System (ISMS), and the hardest part of achieving ISO 27001 certification is the documentation.

A toolkit can accelerate your ISO 27001 project immensely. It enables a cost-effective route to certification readiness and the No 3 ISO27001 Comprehensive ISMS Toolkit has everything you will need.

When you use our highly practical and informative books and tools to help you tackle the project, you receive unique guidance and support for your organisation – plus, with this package, you save money.

What does this toolkit contain?

• Documentation Toolkit: a CD-ROM with nearly 450 densely packed pages of fit-for-purpose policies and procedures.
• IT Governance: a Manager’s Guide to Data Security (Soft Cover) 4th Edition.
• vsRisk^™ – the Definitive ISO/IEC27001:2005-Compliant Information Security Risk Assessment Tool.
• All three of the information security standards: ISO 27001; ISO 27002; ISO 27005.
• ISO27001 in a Windows^® Environment, Second edition (Softcover).
• LiveOnline Consultancy: a session with one of our in-house experts, ensuring your ISMS project gets off to the best possible start.

“Using the templates, was the only way that we could deliver a 1st edition ISMS in under 6 months. Our deliverable was a work in progress but miles ahead of where they would have been without the templates.”
Tim Moreton, President, Moreton & Co., airlinetechnology.net.

Accelerate your ISO27001 project with the help of this toolkit. Don’t hesitate – buy it today.

Cyber crime is on the rise and all organisations need to ensure they protect themselves and their critical assets from cyber attack.

Accredited certification to ISO 27001 gives an organisation internationally recognised and accepted proof that its system for managing information security – its ISMS or cyber security readiness – is of an acceptable, independently audited and verified standard.

Use the ISO27001 Cyber Security Toolkit to implement ISO/IEC 27001, create an effective ISMS and combat cyber threats!

Your focus need to be on protecting your business from cyber attack.

The best way to do this is to align your information security management system to ISO 27001 – the world’s only recognised cyber security management system.

This toolkit provides all the tools and resources you need to implement your own cyber security project and align your business with ISO 27001, the world’s only cyber security standard.

Protect your business and kick start your cyber security project with this toolkit today!

Find out what’s included and buy before the end of February for a Free Cyber Security Assessment Tool!

The 2012 London Olympics will bring huge numbers of visitors to Britain. They will also pontentially bring significant staff absenteeism, travel disruption, business disruption, security threats and supply chain problems.

To help you address all the potential disruptions and security threats that the London Olympics will cause, we’ve developed an inexpensive and innovative Olympics 2012 – Continuity & Security – Policy and Checklist.Buy your copy now or get it free with the BS25999 BCMS Implementation toolkit >>

BS25999 is best practice for Business Continuity Management, and this toolkit contains all the templates and tools that enable a BC manager to quickly and effectively implement a BCMS in line with BS25999.

The BS25999 BCMS Toolkit is available for immediate download. buy today!

Cyber security is one of the most high profile issues facing businesses right now. ISO27001, together with the Code of Practice, ISO27002, provide an internationally recognised best-practice framework for addressing the entire range of risks which, taken together, may be described as cyber risks.

I’m writing to tell you about a fantastic deal we’re running on the 2-Course ISO27001 Training combination. It is now on special offer for just £1,695 and will begin on 21^st February for 4 days in Manchester.

The ISO 27001 Information Security Combination Course includes attendance at both the ISO27001 Certified ISMS Foundations course, and the ISO27001 Certified ISMS Lead Implementer Masterclass

By attending both courses you will cover all the key steps in preparing for and achieving certification first time.

Book this week and to attend the Foundation Course FREE!

Is your organisation implementing the COBIT IT governance framework?

Closely aligned with ISO27001, the ISO/IEC 27002:2005 standard serves as a practical guideline for all members of staff as they initiate, implement and maintain information security. An understanding of the best practice guidance as outlined in ISO27002 is essential to achieving the goals of COBIT.

COBIT is an IT governance control framework that helps organisations meet today’s business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals. Although information security is one of these goals, COBIT does not supply any guidance to how to achieve this objective. This is provided by the ISO27002 Standard which draws on the experience of practitioners in over 40 countries to set out best practice for the delivery of an effective information security programme.

The one-day Information Security Foundation based on ISO/IEC 27002 training course is designed for anyone in an organisation who is responsible for the security of information assets and directly supports the implementation of COBIT.

Delegates attending the course will learn about:

1. Information and data relationships (security, governance, assurance)
2. Defining threats and vulnerabilities and understanding Risk Management
3. Risk analysis with Impacts, Likelihood and Probability
4. Required policies and an Information Security Plan
5. External relationships with 3rd party organisations
6. Protective marking and the relationship to Impact (Risk)

Achieve EXIN Certification

The Information Security Foundation based on ISO/IEC 27002 course is based on the EXIN Information Security Foundation syllabus and prepares delegates for the EXIN ISFS examination which is taken at the end of the day. Successful candidates will be awarded the EXIN Information Security Foundation Certificate.

Book on the Information Security Foundation based on ISO/IEC 27002 training course now.

If you are considering implementing COBIT in your organisation, we can also recommend that you consider attending our COBIT Foundation training course. Please see www.itgovernance.co.uk/products/2295 for further details.