Faced with the compliance requirements of increasingly punitive
information and privacy-related regulation, as well as the proliferation
of complex threats to information security, there is an urgent need for
organizations to adopt IT governance best practice. IT Governance
is a key international resource for managers in organizations of all
sizes and across industries, and deals with the strategic and
operational aspects of information security.
Now in its seventh edition, the bestselling IT Governance provides
guidance for companies looking to protect and enhance their information
security management systems (ISMS) and protect themselves against cyber
threats. The new edition covers changes in global regulation,
particularly GDPR, and updates to standards in the ISO/IEC 27000 family,
BS 7799-3:2017 (information security risk management) and the latest
standards on auditing. It also includes advice on the development and
implementation of an ISMS that will meet the ISO 27001 specification and
how sector-specific standards can and should be factored in. With
information on risk assessments, compliance, equipment and operations
security, controls against malware and asset management, IT
Governance is the definitive guide to implementing an effective
information security management and governance system.