Evifa-Portal

Hits per page

hits 1 - 8 | 8 hits

Sorting

Online Resource

ISO/IEC 38500 : The IT Governance Standard (2008)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (49 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Understand ISO 38500: the standard for the corporate governance of IT ISO/IEC38500 is the international standard for the corporate governance of information and communication technology. The purpose of the standard is to create a framework to ensure that the Board is appropriately involved in the governance of the organisation's IT. The standard sets out guiding principles for directors on how to ensure the effective, efficient and acceptable use of IT within their company. This useful pocket guide provides an account of the scope and objectives of the standard. It outlines the standard's six core principles, sets out the three major tasks that the standard assigns to directors regarding IT, and explains the interrelationship between the two. The guide also offers advice on how to set up and implement the IT governance framework. Business benefits of ISO/IEC 38500 (ISO38500) include: Manage the organisation's investment in IT responsibly The pocket guide shows how the standard can be used to ensure that your decision making about IT investment remains clear and transparent, and that the associated risks are clearly understood. Meet compliance requirements ISO/IEC38500 requires directors to verify that their IT systems are in compliance with all applicable regulations. As this pocket guide explains, following the procedures set out in ISO/IEC38500 will help company directors both to achieve and demonstrate compliance. Improve the performance of the organisation On average, investment in IT represents more than 50 per cent of every organisation's annual capital investment. Both private and public sector organisations need to maintain a high standard of service while at the same time keeping costs low. The pocket guide looks at how following the guidance contained in ISO/IEC38500 can enable directors to retain a grip on costs and obtain better value for money from IT equipment. Introduce effective project governance This pocket guide describes how ISO/IEC38500 can help company directors to identify problems in an IT project at an early stage. In this way, the standard promotes effective management of the risks associated with major IT projects, enables the board to keep a grip on budgets and militates against project failure. Implement ISO38500, the international standard for corporate governance of IT An IT governance framework serves to close the gap between the importance of IT and the understanding of IT. For this reason, you can use an IT go...

Note: Online resource; Title from title page (viewed July 31, 2008) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781905356584/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

Ten Rules of Information Security for the Smaller Business (2008)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (95 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Invaluable advice on information security in clear, accessible language! Are you making it too easy for online fraudsters to steal from your company? IT is opening up new opportunities for your business. It also offers rich pickings for the criminal. The new threat When legitimate business goes digital, organised crime cannot be far behind. So, once your business is connected to the Internet, you become vulnerable to a whole range of new threats. Hackers can break into your computer, using dictionary attacks or keystroke logging to seize the password to your email account. ; Criminals may send you emails in an attempt to trick you into downloading malicious software or to reveal your bank details. Online fraud may now be as valuable to organised crime as drug trafficking, and there are roughly 200,000 viruses, Trojans and worms circulating in cyberspace. All this means that in today's world, the bad guys are only a mouse-click away. What you can do Your business information is valuable, so it is in your interest to protect it. You also have a responsibility towards your customers. While information security breaches are costly in themselves, you also have to think about what exposing your customers to the danger of identity theft might do to your company's reputation. Sometimes these issues seem complex and bewildering. The good news is that you can take some simple steps that will help to secure your business's digital information. Common-sense precautions, like not leaving your laptop lying around in a public place, or protecting your wireless network with a firewall, make a real difference. Speaking your language If IT is not your speciality, and you are running a small business that is connected to the Internet, then this book is for you. The author steers clear of geek language, and offers you, in plain English, ten simple rules to keep you out of trouble online. The damage and losses that result from online fraud can run into thousands of pounds, so this could well be the most valuable books you ever buy! Benefits to business include: Retain customer confidence If you cannot protect your customer data, then you will leave it exposed to hackers and thieves. Breaches in your information security will not only alienate existing customers, but also scare other potential customers away. To protect the reputation of your company, you need to get up to speed on information security. Avoid fines and lawsuits If you are running a business, you ha...

Note: Online resource; Title from title page (viewed July 1, 2008) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781905356553/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

ISO27001 : ISO27002 (2008)

Calder, Alan [VerfasserIn] 1957-

Ely, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Keywords: Information technology ; Security measures ; Computer networks ; Security measures ; Data protection ; Risk management ; Electronic books ; Electronic books ; local

Abstract: Use ISO27001 to protect your organisation's information assets This helpful, handy ISO27001/ISO27002 pocket guide gives a useful overview of these two important information security standards. Read this pocket guide to learn about: The ISO/IEC 27000 Family of Information Security Standards Background to the Standards Certification process The ISMS and ISO27001 Overview of ISO/IEC 27001:2005 Specification vs Code of Practice Documentation Records Management Responsibility Policy Scope Risk Assessment Implementation. Confidentiality, Integrity and Availability In order to ensure the availability, confidentiality and integrity of your business information, you will need to put in place an information security management system (ISMS). ISO27001 is the international standard that offers a framework for an ISMS. If your organisation's ISMS conforms to the specification of ISO27001, you can arrange for an independent audit of the ISMS against that specification and eventually achieve certification. Why does ISO27001/27002 matter? Improve efficiency - An ISO27001 compliant ISMS will enable your organisation to move beyond the ad hoc approach to information security. An unsystematic approach to the subject tends to mean that a lot of people's time is wasted ""putting out bush fires"": fixing bugs in software and reacting to incidents as they arise. However, the structured, coherent approach of the ISMS will make your organisation less likely to be crippled by minor setbacks and will, therefore, enable it to function more effectively Protect your information assets - Information assets face a wide range of threats, ranging from criminal activity, such as fraud, to user error or system failure. Putting in place an ISMS, will enable you to improve the level of information security within your organisation Manage risk - The systematic approach to information security required under ISO27001, means your organisation needs to put in place a risk treatment plan. Once you have identified the main threats to your business information, and the most likely ways in which they could do damage to your company, you can work out how best to eliminate or reduce these risks. In addition, there are some risks you can manage by ensuring they remain at an acceptable level Prepare for the worst - Supposing that, in spite of the precautions you had taken, your company did suffer a major security breach. If something like that happened, how well prepared would your company th...

Note: Description based on online resource; title from title page (Safari, viewed August 19, 2013)

URL: https://learning.oreilly.com/library/view/-/9781849281669/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

Business continuity and BS25999 : a combined glossary (2008)

Calder, Alan [VerfasserIn] 1957-

Cambridgeshire, UK : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Business planning ; Operational risk ; Emergency management ; Information technology ; Electronic books ; Electronic books ; local

Abstract: The first glossary to present the full range of terms relating to business continuity BS25999 is the formal standard for business continuity management. This invaluable pocket guide will help you to understand the language of business continuity. It contains definitions both of the key words in BS25999 and of the relevant terms found in the information security standard, ISO27001. Other definitions provided in the glossary have been taken from the earlier glossaries published by the Business Continuity Institute and the DRI (Institute for Continuity Management), from the IT service management standard, ISO20000, and from the IT Infrastructure Library (ITILv3). Created to facilitate the adoption of BS25999, the combined glossary sets out the most common business continuity terms and offers an authoritative explanation of what they mean. It will therefore enable business continuity to be discussed clearly and consistently throughout the English-speaking world. Benefits to business include: Improve communication and cooperation Business continuity management requires commitment at boardroom level, and involves many different people within a given organisation. The purpose of this glossary is to facilitate communication and thereby make it easier for IT managers, business continuity professionals and senior executives to cooperate Find a glossary that is comprehensive Just as business continuity affects many different functions within the organisation, so it also touches upon other standards besides BS25999. This glossary combines definitions of words from BS25999 with terms both from other information security standards and from the IT Infrastructure Library. As the first truly comprehensive glossary of business continuity terms, this pocket guide is the only book where you can find an explanation of all the relevant business continuity terms in one place Stay in the loop If your organisation is setting up a business continuity management plan, you have a choice. Either you get involved in the process, or the key decisions will be taken without your input. If you want to be kept in the loop on business continuity planning, this guide can help you to understand what people are talking about and how it relates to your area of responsibility Help your staff to plan for an emergency Business continuity planning is a vital imperative for those public sector organisations that are responsible for frontline services. Under the UK Civil Contingencies Act...

Note: Description based on online resource; title from title page (Safari, viewed Dec. 18, 2013)

URL: https://learning.oreilly.com/library/view/-/9781849281591/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

IT regulatory compliance in North America (2007)

Calder, Alan [VerfasserIn] 1957-

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Keywords: Information technology ; Law and legislation ; United States ; Technology and law ; United States ; Information technology ; United States ; Management ; Electronic books ; Electronic books ; local

Abstract: A clear and concise introduction to the rules for IT in North America In today's computer-driven world, every modern business depends on its information technology. This means that IT systems have to be protected and regulated. If your organization has a presence in North America, you need to be familiar with the relevant laws and standards for IT governance. IT is a key component of the US legislation relating to corporate governance and privacy. In addition, the Basel 2 Accord, the Fair Credit Reporting Act and the online banking standards of the Federal Financial Institutions Examination Council (FFIEC) all have important IT governance implications. Canada also has its own Personal Information Protection and Electronic Documents Act (PIPEDA). With such a wide range of rules and regulations, where do you begin? This pocket guide is intended as a brief, accessible survey of the major North American legislation relating to IT and information security. It provides a concise summary of the IT governance provisions currently in effect in Canada and the United States. Including advice on the requirements for preserving corporate records, the guide will help you to identify any gaps in your organization's IT compliance regime. Benefits to business include: Avoid breaches of criminal or civil law The pocket guide covers the key IT compliance issues for organizations operating in North America Find out about the IT Governance requirements of Sarbanes-Oxley The Sarbanes-Oxley Act of 2002 (SOX) was passed in response to the Enron scandal. Compliance with Sarbanes-Oxley is mandatory and failure to comply can result in significant penalties for individual directors. Tis pocket guide explains the internal controls over your IT systems that SOX requires you to maintain Understand the requirements of GLBA The Gramm-Leach-Bliley Act or Financial Services Modernisation Act covers all US-regulated financial services corporations. The pocket guide outlines the information security requirements of the Act and looks at how they are enforced Learn about Safe Harbor compliance Under the Safe Harbor framework, US corporations that have operations in the EU are permitted to receive European data. The pocket guide outlines the advantages for an American company of Safe Harbor compliance This pocket guide covers essential North American IT- and information-related regulation, including: Corporate governance, particularly Sarbanes-Oxley Basel2 Breach Notification laws O...

Note: Publication information taken from resource description page (Safari, viewed August 16, 2013). - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281201/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

Risk assessment for asset owners : a pocket guide (2007)

Calder, Alan [VerfasserIn] 1957- ; Watkins, Steve G [MitwirkendeR]

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Series Statement: Pocket guides: practical information security

Keywords: Data protection ; Evaluation ; Data protection ; Standards ; Risk management ; Electronic books ; Electronic books ; local

Note: Publication information taken from resource description page (Safari, viewed August 19, 2013). - Includes bibliographical references. - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281232/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

IT regulatory compliance in the UK (2007)

Calder, Alan [VerfasserIn] 1957-

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Keywords: Information technology ; Law and legislation ; Great Britain ; Technology and law ; Great Britain ; Information technology ; Great Britain ; Management ; Electronic books ; Electronic books ; local

Abstract: In today's computer-driven world, every modern business depends on its information technology. This means that IT systems have to be protected and regulated. If you run a company that is based in or has a presence in Britain, you need to be familiar with the UK laws and standards that relate to IT governance. This pocket guide provides you with a concise and accessible guide to the relevant UK legislation, including the Data Protection Act 1998, the Freedom of Information Act 2000 and the Regulation of Investigatory Powers Act 2000. It explains the importance of keeping and preserving records, and outlines the type of records your organisation is obliged to retain. IT compliance represents a key challenge for information professionals. By offering you a bird's eye view of the IT compliance landscape, this pocket guide makes that challenge easier to overcome. Benefits to business include: Avoid breaches of criminal or civil law This pocket guide covers the key IT compliance issues for organisations operating in the UK. Find out what is required of IT systems under the Combined Code The pocket guide summarises the requirements of the UK's corporate governance regime in relation to information risk, referring both to the Combined Code and to the Turnbull Guidance. Learn about the UK's distance selling regulations This pocket guide discusses the Privacy and Electronic Communications Regulations 2003. These regulations cover unsolicited direct marketing activity by e-mail. The pocket guide also looks at distance selling regulations such as the Electronic Commerce Regulations (2002). Understand the requirements of copyright law The pocket guide explains the implications of the Copyright Designs and Patents Act 1988 for your use of computer software, with particular reference to user licences. The guide also looks at how you can use steganography (digital watermarking) to protect your ownership of digital information. This pocket guide includes coverage of key UK IT and information-related regulation, such as: FSA Regulations Basel2 MiFID Data Protection Act 1998 Privacy and Electronic Communications Regulations 2003 Freedom of Information Act 2000 Computer Misuse Act 1990 (as updated in 2006) Copyright, Designs and Patents Act 1998 Electronic Communications Act 2000 Regulation of Investigatory Powers Act 2000 Human Rights Act 2000 Disability Discrimination Act 1995 Safeguarding of organizational resources Make sure your IT systems comply with the r...

Note: Publication information taken from resource description page (Safari, viewed August 19, 2013). - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281676/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

IT governance : a pocket guide (2007)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Information technology ; Management ; Electronic books ; Electronic books ; local

Abstract: An Introduction to IT Governance If you are unsure what IT governance is, or how it is relevant to your business, this pocket guide is for you. It outlines the key drivers for IT governance in the modern global economy, with particular reference to corporate governance requirements and the need for companies to protect their information assets. IT Governance for "Non-geeks" The guide examines the role of IT governance in the management of strategic and operational risk. It also looks at the most important considerations when setting up an IT governance framework, and introduces you to the Calder-Moir IT Governance Framework that the author helped to create. The approach throughout is resolutely non-geek, avoiding technical jargon and with the emphasis on business opportunities and needs. Find out about something that matters for your organisation's survival If you want your business to succeed, you have to make effective use of information technology. Otherwise you will be outpaced by your competitors. This pocket guide is about how to create a framework to ensure that your organisation's IT will support its overall objectives. Understand a crucial aspect of corporate governance Companies are regulated in order to protect the interests of shareholders from fraudulent or reckless activity on the part of the directors. For US-listed companies, compliance with the Sarbanes-Oxley Act (SOX) of 2002 is mandatory. The requirements of SOX and the UK's Combined Code can only be met if you have an effective IT governance framework already in place. Understand a crucial aspect of risk management Those running a company have a responsibility to manage risk. An IT governance framework will help you to stop hackers, fight cybercrime and minimise the disruption to your operations in the event of an accident. Cut costs and boost profits While businesses often need to spend money on upgrades to their computer systems and software, this issue has many pitfalls. This pocket guide shows how IT governance can help you to make better investment decisions. An IT governance framework also enhances your overall competitiveness and thus increases profitability.

Note: Includes bibliographical references. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9781849281171/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

hits 1 - 8 | 8 hits