IT Governance Blog on IT governance, risk management, compliance and information security.

Pre-order the missing part of ITILv3 today!

ITILv3 is made up of 5 core titles which reflect the lifecycle of services and for a long time there has been a missing element.

Information Security Management with ITILv3 is a groundbreaking new title that looks at information security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes.

If you use ITIL, own the complete library, or if you’re involved at any stage of the framework, this is a must-have purchase!
(more…)

Order all of the core PRINCE2®:2009 books in one go with this bundle!

• Contains all of the core official PRINCE2:2009 books, enabling you to buy a complete collection of all the core PRINCE2:2009 books in one go whilst saving money.
• All of the advice and guidance within these manuals is fully aligned with the latest version of PRINCE2 giving you the most up-to-date information on the PRINCE2 methodology.
• Only contains official titles authored and endorsed by the OGC, the originators of the PRINCE2 methodology. Meaning you can be assured the books in the kit are authoritative and comprehensive.

Official PRINCE2:2009 Book Bundle This book bundle is the only place you can purchase all of the official PRINCE2:2009 titles in one go, saving time and money and keeping you up to date with the latest in the PRINCE2 methodology.

(more…)

Order the ISO38500 IT Governance Framework Toolkit before midnight on Friday (29 January 2010) and receive a free copy of IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT!

If Information Technology is a part of your business, governance extends to and includes information and the IT infrastructure that supports your business. Shareholder expectations of boards, and of the individual directors on boards, are clear:
(more…)

If you’re implementing a business continuity management system (BCMS), in-line with BS25999 and want to save time and money, the BS25999 BCMS Implementation Toolkit is must-buy resource!

The BS25999 BCMS Implementation Toolkit contains document templates, tools and references that enable you to quickly and efficiently produce your own tailored versions of all the essential documents needed to become certified against BS25999.

This BS25999 BCMS Implementation Toolkit Special Offer contains electronic copies of the following specialist guides:
	BS25999 A Pocket Guide; Business Continuity and BS25999: A Combined Glossary; Business Continuity Management: a Manager’s Guide to BS25999, a concise and practical guide to implementing this new benchmark for business continuity management. FREE – Disaster Recovery and Business Continuity, Second Edition (Soft Cover), when your order before midnight on Friday!

(more…)

Our No 3 Comprehensive ISO27001 ISMS Toolkit contains all the resources and tools an organisation will need to become ISO27001 certification-ready, and if you purchase it before midnight on Friday (29th January 2010), you will receive an immediate free download of 5 added value pocket guides!

Free Pocket Guides Included: Data Protection Compliance in the UK; ISO 27001 A Pocket Guide; ISO 27001 Assessments Without Tears: A Pocket Guide; IT Regulatory Compliance in North America: A Pocket Guide; Risk Assessment for Asset Owners: A Pocket Guide.

These 5 pocket guides compliment the toolkit well and will help to speed up your learning and your project!

The No 3 ISO/IEC27001 Comprehensive ISMS toolkit contains:
(more…)

This suite includes all five of the Key Element Guide series of publications. Each one of these pocket guides supports a particular one of the core ITIL V3 titles, providing a handy quick reference no-nonsense guide to the key information.

Key Element Guides Included: ITIL: Service Strategy; ITIL: Service Design; ITIL: Service Transition; ITIL: Service Operation; ITIL: Continual Service Improvement.

Key Features:

• Contains one copy of each of the Key Element Guide series of pocket guides, enabling you to purchase all the guides in one complete set.
• Quick reference guides to the core ITIL V3 books contained in the ITIL Lifecycle Publication Suite.
• Written in conjunction with, and endorsed by, itSMF International.
• Save money over buying these guides individually from other suppliers.
• Written by the original team who worked on the ITIL V3 core titles.

The main objective of these guides is to convey the best practice information contained in the core ITIL V3 Lifecycle Publication Suite books in an easy-to-read format and it forms an ideal support tool for the main ITILv3 Lifecycle Publication Suite.

Order your set of these essential pocket guides today. Simplify the ITIL V3 implementation process today using this set of pocket guides.

Comply with the Massachusetts Data Protection Law – 201 CMR 17.00

Do you have an information security management system which complies to ISO27001?

The The 201 CMR 17.00 Upgrade Toolkit will help you to avoid regulatory noncompliance with the 201 CMR 17.00 Law!

Buy the The 201 CMR 17.00 Upgrade Toolkit

to assure success at your next surveillance audit and/or state examination.
(more…)

Pre-Order this concise guide and learn how to manage risk in the cloud!

Pre-order this book using Voucher Code: “cloud2010” to save 10%!

• Pre-order the Softcover;
• Pre-order the eBook.

Cloud Computing will bring many benefits to organisations, some of which include reducing operating costs, reducing power consumption and freeing you up to focus on your core business.

The concept of shifting computing to a shared service provider is not new. What may be new is that the cost of Cloud Computing is falling so dramatically that considering outsourcing to the Cloud is no longer rare, and it is now accessible enough that any individual or organisation can use it to their advantage.
(more…)

PCI DSS compliance can be a real pain for some organisations, a pain you can do without. Sound familiar? Your not alone!

There are many organisations who find themselves in the position where they know they have to comply, they don’t really know what’s involved and just want to get it done. It is too much of a risk to ignore it, it won’t go away and you could end up with a huge fine and risk reputational damage as a result of a data breach.

For organisations in this position, and any other organisation that face the task of PCI compliance for that matter, there is help at hand which doesn’t have to be expensive and doesn’t have to take over the whole organisation for months at a time.

Rather than bombard you with all the PCI DSS resouces available, of which we supply a full suite to meet the needs of any organisation, I will simply tell you about the two most popular resources that organisations have used to meet their PCI compliance challenge.
(more…)

There are two training courses that we are running early in February which I felt you should be aware of:

1. Implementing ISO20000 (ISO20000 Consultant Certificate) Training Course; &
2. COBIT 4.1 Foundation Course (Official ISACA 2-day Course).

(more…)