IT Governance Blog on IT governance, risk management, compliance and information security.

During times of austerity it’s more challenging than ever for an organisation to meet its compliance obligations. With a difficult and uncertain economic environment, there can be a tendency to consider compliance issues, such as Information Security, as an unnecessary expense and, understandably, focus resources on revenue building projects instead.

Taking such a ‘short sighted’ approach can be dangerous!

While it makes good business sense to focus on revenue building activities, organisations that simply ignore their responsibilities, where information security is concerned, will be playing devils-advocate.

(more…)

Time is running out to make the most of out August offers. We have a very limited number of spaces left on our September ISO27001 Training Courses, which have money off and ‘added value’ tools & resources available until the end of August.

For those of you who can’t attend a training course, we have a fantastic offer available on the unique No 3 ISO27001 ISMS Toolkit.

Extra Value No 3 ISO27001 Comprehensive ISMS Toolkit Offer

ISO27001 Comprehensive ISMS Toolkit If you purchase this toolkit before the end of August (2010), we’ll send you a further 7 unique resources to help kick-start your information security programme – absolutely free! Implementing ISO/IEC 27001 and creating an effective Information Security Management System for the first time can be challenging! This toolkit has everything you will need. When you use our highly practical and informative books and tools to help you tackle the project, you receive unique guidance and support for your organisation – plus, with this package, you save money!

The No 3 ISO27001 Comprehensive ISMS Toolkit contains everything:

(more…)

Throughout August we’re offering some fantastic deals on our September 2010 training courses and I would hate for you to miss out. You can see all the offers available on our blog. Below are some offers that I thought may be of particular interest to you:

Offer 1: ISO27001 Foundation Course

Foundations of Information Security Management According to ISO27001 Training

This 1-day course will be held in Manchester on 7 September and gives an excellent overview of the ISO27001 standard, including how ISO27001 is helping companies around the world compete more effectively,
how ISO27001 helps organisations meet their legal, regulatory and contractual compliance objectives, and how ISO27001 helps increase user productivity and reduce IT problems.

Delegates who book the course during August will receive a bundle of e-books (worth over £100), absolutely free, which will complement their training and help them towards successful ISO27001 certification.

Read more about this offer here >>

(more…)

CISA & CISM are top qualifications for career minded Information Security Professionals.

Secure your career and your company with a December 2010 CISA or CISM Certificate – but act now: exam registration closes soon!

The bi-annual Certified Information Systems Auditor (CISA^®) and Certified Information Security Manager (CISM^®) Exams will take place on 11th December and it’s looking likely that exam spaces may sell out fast. With austerity creating a challenging business environment, you could be competing for work with more people than ever, employers will base their recruitment decisions on qualifications as well as experience. This will lead to a massive influx of candidates wanting to take the December 2010 Exams.

Three steps to guarantee you sit and pass the exam

(more…)

Our next ISO27001 Foundations Course will be held in Manchester on 7th September 2010.

Delegates who attend this course will receive a bundle of e-books (worth over £100), absolutely free, which will complement their training and help them towards successful ISO27001 certification.

Foundations of Information Security Management according to ISO27001 Training benefits everyone who want to know more about:

How ISO27001 is helping companies around the world compete more effectively How ISO27001 helps organisations meet their legal, regulatory and contractual compliance objectives How ISO27001 helps increase user productivity and reduce IT problems The benefits of using ISO27001 (BS7799) to guide their information security activities How to use ISO27001 and ISO17799 (ISO27002) together Planning to develop and implement an ISMS based on ISO27001.

(more…)

Many suppliers of pen testing services in the UK provide very effective technical tests but often fail to deliver a comprehensive Penetration Testing Report. The quality of the information contained in the report and its relationship to the identification of the potential threats, is crucial to ensuring your networks and applications are truly secure.

What should you expect from our Penetration Test Report?

While a great deal of technical effort is applied during the testing and analysis, the real value of our Penetration Testing Service is in the report and the subsequent briefing provided to your key stakeholders. Each report includes the following:

• A complete description of the tests performed
• Each potential vulnerability identified and ranked in order of importance
• A proposed remedial solution for each potential vulnerability
• An Executive Summary that clearly identifies the business risks and possible solutions
• The opportunity to discuss all tests and recommendations as required.

(more…)

There is a common misconception that at IT Governance, we just publish books and toolkits, or we just develop and run ISO27001 training courses, or just offer consultancy services. The fact is, we do all these things, and going by our customers’ comments, we do them very well!

The breadth of products and services we have available puts us in the unique position of being able to offer our clients the solution they require, no matter what stage of a given project they’re at. Did you know, for instance, we now offer penetration testing services?

We also deliver many of these services internationally!
(more…)

Do you require the ISO 27001 Information Security Management Standard to help you win new business with customers in the Public Sector?

Have you noticed how many Pre-Qualification Questionnaire and Invitation to Tender documents now ask for this standard as a compulsory requirement?

How can you afford the time and expense required to be awarded ISO 27001?

The IT Governance FastTrack ISO 27001 Consultancy Service is specifically designed to prepare your organisation for UKAS-accredited certification to ISO27001:2005 in just 3 months. Providing you have less than 19 members of staff and a single office location, we can offer this complete service for a fixed fee of just £5,000.
(more…)

We have just launched a new range of EC-Council endorsed e-learning courses which offers a wide range of professional certifications for security professionals.

You can read more about the EC-Council qualifications, which include CEH, CHFI, ECSA, ENSA, and Security5, on this blog post.

Until the end of July, we are offering each subject’s official manual absolutely free, to anyone who purchases one of these new courses!

EC-Council exams

EC-Council exams are available from Prometric exam centres globally, but only through purchasing one of the e-learning courses or taking another accredited course can you take any of the exams. A voucher is supplied as part of any accredited course, allowing you to book the relevant exam with Prometric.

Gain a new qualification in your own time and at your own pace!

Order one of these distance learning packages today >>

CEH, CHFI, ECSA, ENSA, and Security5

The EC-Council, one of the leading certification bodies for the IT security industry, offers a wide range of professional certifications for security professionals. Amongst these are many different levels of qualification.

Career Academy have launched a range of EC-Council endorsed courses that cover a wide selection of these qualifications. All of the current Career Academy (EC-Council endorsed) courses are now available from IT Governance’s EC-Council Campus.

Read on for details of the EC-Council qualifications with available e-learning courses.

(more…)