IT Governance Blog on IT governance, risk management, compliance and information security.

Are you going away this summer?

The holiday season is under way and if you are taking a break you may want to use it as an opportunity to keep on top of your game with the help of a book or distance learning package.

Our in-house publishing team, ITGP, have produced many new titles over the last few months, all of which are written by leading industry experts. All of our titles are now available in Softcover and eBook formats.
(more…)

Our Online Shop for the USA and Canada now has a US-based payment gateway, so previous processing problems are history – try it for our range of Governance; Risk; Information Security & Compliance products and services.

We now accept Amex & Discover, plus Visa and Mastercard, so it is very easy to buy from us – try it now >>

You should also know that we now have American National Standards Institute (ANSI) versions of the information security standards which are very inexpensive:

This allows us to sell you the download versions of the following standards for just $40 each!

• ISO27001 (ISO 27001) ISMS Requirements (Download);
• ISO27002 (ISO 17799) Code of Practice for ISM (Download);
• ISO27005 (ISO 27005:2008) ISRM Standard (Download).

Or you could buy all three in a single purchase: ISMS Security Standards Kit – All Three ISMS Standards (Download)

Whilst we concentrate on selling ANSI’s IT-related standards, our new agreement actually allows us to sell ANSI’s entire range of standards. If you can’t find what you are looking for on the website simply e-mail: servicecenter@itgovernanceusa.com, or Call us toll free: 1 877 317 3454.

www.issdconference.com

Special discount for the International Secure Systems Development Conference

 - 20th and 21st May 2010, Westminster Conference Centre

The ISSD Conference opens its doors next week. This 2-day event is a must-attend for those involved in planning, designing or implementing secure software systems and architectures, and features a range of high profile speakers covering topics as diverse as the Secure Development Life-Cycle, comparisons of Code Analysis & Testing Tools, SQL injection vulnerabilities and how to retro-fit security onto existing code. The full programme is available online at www.issdconference.com and a discount of £150 off the price of the delegate ticket. Quote the code LM01 online to receive this special offer.

No one could have failed in recent weeks to either have noticed, or in some way be affected by, the shutdown of most of European airspace caused by the volcanic ash crisis.

Whether you have been travelling during the recent disruptions and caught abroad, wanting to procure vegetables or perishable goods from far-flung parts of the world, or simply waiting for a letter from a foreign country, the situation is sure to have impacted on your professional and personal life in some way.

With so many organisations now depending on global supply lines, it is perhaps surprising that not more organisations have taken into consideration how scenarios like the volcanic ash crisis could affect them.

Having read a recent article by the chair of the technical committee that originated the new International Standard for risk management (ISO 31000), Kevin Knight, puts the reasons for this failure down to boards and top management failing manage risk effectively.

Knight goes further to give an example of how United Parcel Service (UPS), an organisation with a strong culture of risk management at its heart, coped with the crisis and was able to still continue its operations, when other organisations were totally disabled by the crisis.

Clearly, risk is part of the everyday operations of many organisations. Without risk and risk-taking, there is never likely to be any reward or progress. But risk needs to be managed and minimised, so that opportunities can be exploited.

ISO 31000, the new International Standard for risk management, provides the framework, process and principles for the effective management of risk. ISO 31000 is different from other risk management frameworks, where the emphasis is shifted very much from the actual disaster or event, to dealing with the effects of the uncertainty on organisational objectives.

In combination with the other standards in the ISO 31000 family, all of which are available in the ISO 31000 Risk Management Kit, ISO 31000 enables organisations to comprehend the risk involved in achieving their goals and ensure they manage their risks so as to ensure a successful outcome, just like UPS.

Our fast-growing training division offers a wide range of IT governance and information security training courses, both public and in-house, as well as a comprehensive range of training courses that lead to accredited certifications.

Featured Course

Data Protection Act (DPA) 1-Day Course 06 may 2010 – LondonGiven the New Data Protection Powers of the ICO, this interactive and enjoyable one-day course gives both new and experienced staff and management – those involved with or responsible for personal data – an oversight of what the Data Protection Act means to their business also to their own rights as an individual.Course delegates will go back to their companies with up-to-date knowledge of the current legal compliance position around personal data. Seats are selling fast – Find out more and book today >>

Our May 2010 training courses are selling fast so you must ACT and BOOK quickly to secure your place. Here are some of our most popular training courses:
(more…)

1. To ensure that your business is well-positioned when the economy starts to recover. Those businesses that do not survive will open up market share to those who do.
2. To remain competitive. If your employees are knowledgeable and motivated, they will find new ways of generating revenue.
3. To understand your customers’ buying habits and how to build on their loyalty. You need to maintain repeat business in order to grow.
4. To enable your employees to stand back from the day-to-day operations and understand the strategic implications of their work.
5. It sends one of the most powerful messages to your employees – that they are valued. When your employees are anxious about job security, it is more important than ever to demonstrate a commitment to them.
6. To avoid a long term skills shortage among your employees. UK businesses are still recovering from skills lost during the 1990s recession due to poor investment.
7. Training increases productivity in the short term, as well as the long term. The sooner you engage your staff, the earlier you can address and deal with the impact of the recession.

Train your way out of recession!

All delegates attending an ITG course have an outstanding learning experience that helps them power ahead with their projects.

We have lots of training courses running during May 2010 – Find out more and Book today!

In light of the impending Royal Mail postal strikes we have made permanent arrangements to bypass UK Royal Mail for all overseas customers and we have a low-cost alternative in place to bypass Royal Mail in the UK in accordance with which we will reduce the UK express shipping cost to just £7 from today.

How does this affect customers?

We will continue to offer free standard shipping through to the end of October. This offer is open to all our customer, no-matter where they are in the world, for most online orders through our online store at www.itgovernance.co.uk.
(more…)

IT Governance Publishing is a prolific publisher of Pocket Guides – short, handy guides to specific IT governance, regulatory compliance, information security and business continuity subjects (amongst others), written by subject matter experts.

IT Governance Pocket Guides are an inexpensive way for small and medium sized businesses to gain an understanding of specific compliance issues before they jump in at the deep end.

Many of the Pocket Guides in the ITGP range make for an ideal awareness tool for important business issues such as Information Security, Data Protection and Business Continuity.
(more…)