IT Governance

IT Governance : An International Guide to Data Security and ISO27001/ISO27002

3.6 (15 ratings by Goodreads)
By (author)  , By (author) 

Free delivery worldwide

Available. Dispatched from the UK in 1 business day
When will my order arrive?


Faced with constant and fast-evolving threats to information security and with a growing exposure to cyber risk, managers at all levels and in organizations of all sizes need a robust IT governance system. Now in its sixth edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems and protect themselves against cyber threats. This version has been fully updated to take account of current cyber security and advanced persistent threats and reflects the latest regulatory and technical developments, including the 2013 updates to ISO 27001/ISO 27002.

Changes for this edition include: updates in line with the revised ISO 27001 standard and accompanying ISO 27002 code of practice for information security controls; full coverage of changes to data-related regulations in different jurisdictions and advice on compliance; guidance on the options for continual improvement models and control frameworks made possible by the new standard; new developments in cyber risk and mitigation practices; guidance on the new information security risk assessment process and treatment requirements. Including coverage of key international markets, IT Governance is the definitive guide to implementing an effective information security management and governance system.
show more

Product details

  • Paperback | 360 pages
  • 155 x 235 x 10mm | 370g
  • London, United Kingdom
  • English
  • Revised
  • 6th Revised edition
  • black & white illustrations
  • 074947405X
  • 9780749474058
  • 458,904

Table of contents

Chapter - 01: Why is information security necessary?;
Chapter - 02: The UK Combined Code, the FRC Risk Guidance and Sarbanes-Oxley;
Chapter - 03: ISO27001;
Chapter - 04: Organizing information security;
Chapter - 05: Information security policy and scope;
Chapter - 06: The risk assessment and Statement of Applicability;
Chapter - 07: Mobile devices;
Chapter - 08: Human resources security;
Chapter - 09: Asset management;
Chapter - 10: Media handling;
Chapter - 11: Access control;
Chapter - 12: User access management;
Chapter - 13: System and application access control;
Chapter - 14: Cryptography;
Chapter - 15: Physical and environmental security;
Chapter - 16: Equipment security;
Chapter - 17: Operations security;
Chapter - 18: Controls against malicious software (malware);
Chapter - 19: Communications management;
Chapter - 20: Exchanges of information;
Chapter - 21: System acquisition, development and maintenance;
Chapter - 22: Development and support processes;
Chapter - 23: Supplier relationships;
Chapter - 24: Monitoring and information security incident management;
Chapter - 25: Business and information security continuity management;
Chapter - 26: Compliance;
Chapter - 27: The ISO27001 audit
show more

Review Text

"One of the greatest features of this guide is that it approaches IT governance from the prospective of a director or manager rather than an IT specialist, meaning you do not have to already be well versed in IT governance to glean the important points and lessons demonstrated within these pages."
show more

About Alan Calder

Alan Calder is founder-director of IT Governance Ltd, which provides IT governance, compliance, risk management and information security books, trading tools, consultancy and training. Alan consults with companies internationally on matters relating to information security.

Steve Watkins is a director at IT Governance, Chair of the ISO/IEC 27001 User Group - the UK Chapter of the ISMS International User Group - and contracted Technical Assessor for UKAS, assessing certification bodies offering ISMS/ISO 27001 and ITSMS/ISO 20000-1 accredited certification. He sits on the UK national standards body's technical committees RM/1, IST/33 and sub-committee IST/33/1 , and is Chair of IST/33/1 Panel 2, which is responsible for the UK's contributions to standards including ISO 27006, 27007, 27008 and 27021.
show more

Rating details

15 ratings
3.6 out of 5 stars
5 20% (3)
4 33% (5)
3 33% (5)
2 13% (2)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X