Evifa-Portal

1

Online Resource

ISO 22301:2019 and business continuity management – Understand how to plan, implement and enhance a business continuity management system (BCMS) (2021)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787783010

Language: English

Pages: 1 online resource (145 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: ISO 22301:2019 and business continuity management – Understand how to plan, implement and enhance a business continuity management system (BCMS) walks you through the requirements of ISO 22301, explaining what they mean and how your organisation can achieve compliance. It is an essential companion guide for those working in business continuity.

Note: Online resource; Title from title page (viewed March 25, 2021) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

2

Online Resource

The Ransomware Threat Landscape (2021)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787782808

Language: English

Pages: 1 online resource (85 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Ransomware will cost companies around the world $20 billion in 2021. Prepare for, recognise and survive ransomware attacks with this essential guide which sets out clearly how ransomware works, to help business leaders better understand the strategic risks, and explores measures that can be put in place to protect the organisation.

Note: Online resource; Title from title page (viewed February 18, 2021) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

3

Online Resource

ISO22301 : 2019 - An introduction to a business continuity management system (BCMS) (2020)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787782273 , 1787782271 , 9781787782297

Language: English

Pages: 1 online resource (38 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Understand the basics of business continuity and ISO 22301:2019 with this concise pocket guide, which will help you ensure your organisation can continue to operate in the event of a disruption.

Note: Online resource; Title from title page (viewed June 30, 2020) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

4

Online Resource

EU GDPR – An international guide to compliance (2020)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787782549

Language: English

Pages: 1 online resource (77 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Thrive under the GDPR (General Data Protection Regulation) wherever you are in the world. This pocket guide will help you understand the Regulation, the broader principles of data protection, and what the GDPR means for businesses in Europe and beyond.

Note: Online resource; Title from title page (viewed October 15, 2020) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

5

Online Resource

The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks (2020)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787782624

Language: English

Pages: 1 online resource (361 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This book is a comprehensive cyber security implementation manual which gives practical guidance on the individual activities identified in the IT Governance Cyber Resilience Framework (CRF) that can help organisations become cyber resilient and combat the cyber threat landscape.

Note: Online resource; Title from title page (viewed December 10, 2020) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

6

Online Resource

Information Security Risk Management for ISO 27001/ISO 27002, third edition (2019)

Watkins, Steve [VerfasserIn] ; Calder, Alan [MitwirkendeR]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (181 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits.

Note: Online resource; Title from title page (viewed August 29, 2019)

URL: https://learning.oreilly.com/library/view/-/9781787781382/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

7

Online Resource

PCI DSS : A pocket guide, sixth edition (2019)

Williams, Geraint [VerfasserIn] ; Calder, Alan [MitwirkendeR]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (58 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This pocket guide is perfect as a quick reference for PCI professionals, or as a handy introduction for new staff. It explains the fundamental concepts of the latest iteration of the PCI DSS, v3.2.1, making it an ideal training resource. It will teach you how to protect your customers' cardholder data with best practice from the Standard.

Note: Online resource; Title from title page (viewed September 5, 2019)

URL: https://learning.oreilly.com/library/view/-/9781787781641/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

8

Online Resource

EU GDPR & EU-U.S. Privacy Shield : A pocket guide, second edition (2019)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787780743

Language: English

Pages: 1 online resource (76 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This concise guide is essential reading for US organizations wanting an easy to follow overview of the GDPR and the compliance obligations for handling data of EU citizens, including guidance on the EU-U.S. Privacy Shield.

Note: Online resource; Title from title page (viewed October 15, 2019)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

9

Online Resource

ISO/IEC 38500 : A pocket guide, second edition (2019)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787781702

Language: English

Pages: 1 online resource (42 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This useful pocket guide is an ideal introduction for those wanting to understand more about ISO 38500. It describes the scope, application and objectives of the Standard and outlines its six core principles.

Note: Online resource; Title from title page (viewed September 26, 2019)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

10

Online Resource

NIST Cybersecurity Framework - A pocket guide (2018)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (78 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: The NIST CSF is a framework for organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices.

Note: Online resource; Title from title page (viewed September 28, 2018)

URL: https://learning.oreilly.com/library/view/-/9781787780422/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

11

Online Resource

Network and Information Systems (NIS) Regulations - A pocket guide for digital service providers (2018)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (61 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This pocket guide is a primer for any DSPs (digital service providers) that needs to comply with the NIS Regulations, and explores who they are, and why the NIS Regulations are different for them.

Note: Online resource; Title from title page (viewed November 1, 2018)

URL: https://learning.oreilly.com/library/view/-/9781787780507/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

12

Online Resource

Network and Information Systems (NIS) Regulations - A pocket guide for operators of essential services (2018)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (64 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This pocket guide is a primer for any OES (operators of essential services) that needs to comply with the NIS Regulations, and explores who they are, and why the NIS Regulations are different for them.

Note: Online resource; Title from title page (viewed November 1, 2018)

URL: https://learning.oreilly.com/library/view/-/9781787780545/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

13

Online Resource

A concise introduction to the NIS Directive - A pocket guide for digital service providers (2018)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (57 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: This pocket guide is an introduction to the EU’s NIS Directive (Directive on security of network and information systems). It outlines the key requirements, details which digital service providers are within scope, and explains how the security objectives from ENISA’s Technical Guidelines and international standards can help DSPs achieve compliance

Note: Online resource; Title from title page (viewed November 1, 2018)

URL: https://learning.oreilly.com/library/view/-/9781787781047/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

14

Online Resource

EU GDPR : A Pocket Guide, School's edition (2018)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787780057

Language: English

Pages: 1 online resource (92 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: The EU General Data Protection Regulation (GDPR) unifies data protection and unifies data protection across the EU. It applies to every organisation in the world that handles EU residents’ personal data – which includes schools. The Regulation introduces a number of key changes for schools – and the change from compliance with the Data Protection Act 1998 (DPA) to GDPR compliance is a complex one. We have revised our popular EU GDPR – A Pocket Guide to include specific expectations of and requirements for schools, and provide an accessible overview of the changes you need to make to comply with the Regulation. GDPR – A Pocket Guide Schools’ Edition sets out: A brief history of data protection and national data protection laws in the EU, including as the UK’s DPA); Explanations of the terms and definitions used in the GDPR; The key requirements of the GDPR; The need to appoint a data protection officer (DPO); The lawful basis of processing data and when consent is needed; How to comply with the Regulation; and A full index of the Regulation, enabling you to find relevant articles quickly and easily. This pocket guide is the ideal resource for anyone wanting a clear, concise primer on the GDPR.

Note: Online resource; Title from title page (viewed September 17, 2018)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

15

Online Resource

EU GDPR - A Pocket Guide (European) second edition (2018)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781787780705

Language: English

Pages: 1 online resource (87 pages)

Edition: 2nd edition

Keywords: Electronic books ; local

Abstract: This concise guide is essential reading for EU organisations wanting an easy to follow overview of the new regulation and the compliance obligations for handling data of EU citizens. The EU General Data Protection Regulation (GDPR) will unify data protection and simplify the use of personal data across the EU, and automatically supersedes member states domestic data protection laws. It will also apply to every organisation in the world that processes personal information of EU residents. The Regulation introduces a number of key changes for all organisations that process EU residents’ personal data. EU GDPR: A Pocket Guide provides an essential introduction to this new data protection law, explaining the Regulation and setting out the compliance obligations for EU organisations. This second edition has been updated with improved guidance around related laws such as the NIS Directive and the future ePrivacy Regulation. EU GDPR – A Pocket Guide sets out: A brief history of data protection and national data protection laws in the EU (such as the German BDSG, French LIL and UK DPA). The terms and definitions used in the GDPR, including explanations. The key requirements of the GDPR, including: Which fines apply to which Articles; The six principles that should be applied to any collection and processing of personal data; The Regulation’s applicability; Data subjects’ rights; Data protection impact assessments (DPIAs); The role of the data protection officer (DPO) and whether you need one; Data breaches, and the notification of supervisory authorities and data subjects; Obligations for international data transfers. How to comply with the Regulation, including: Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records); The documentation you need to maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data); The “appropriate technical and organisational measures” you need to take to ensure your compliance with the Regulation. A full index of the Regulation, enabling you to find relevant Articles quickly and easily.

Note: Online resource; Title from title page (viewed October 23, 2018) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

16

Online Resource

RGPD UE : Guide de poche (2017)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781849288613

Language: English , French

Pages: 1 online resource (98 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Une amorce claire et concise sur le règlement général sur la protection des données Le règlement général sur la protection des données va unifier la protection des données et faciliter la circulation des données personnelles dans l'UE quand il entre en vigueur en mai 2018, et il sera applicable à toutes les organisations dans le monde qui font des affaires avec les résidents de l'UE. Le règlement introduit un certain nombre de changements importants pour les organisations. RGPD UE: Guide de poche donne un aperçu accessible des changements que vous devez faire dans votre organisation pour se conformer à la nouvelle loi. Product overview RGPD UE : Guide de poche énonce: Une brève histoire de la protection des données et les lois nationales sur la protection des données dans l'UE (tels que le DPA du Royaume-Uni, le BDSG allemand et la loi informatique et libertés française). Les termes et les définitions utilisées dans le règlement général sur la protection des données, y compris les explications. Les principales exigences du règlement général sur la protection des données, y compris: Quelles amendes appliquer à quels articles; Les six principes qui devraient être appliqués à toute collecte et le traitement des données personnelles; L'applicabilité du règlement; Les droits des personnes concernées; Les études d'impact sur la protection des données; Le rôle de l'agent de la protection des données DPO et si vous en avez besoin; Les violations de données, et la notification des autorités de contrôle et les personnes concernées; Les obligations pour les transferts internationaux de données. Comment se conformer au règlement, y compris: Comprendre vos données, et où et comment elles sont utilisées (par exemple, les fournisseurs de Cloud, disques physiques); La documentation que vous devez maintenir (comme les déclarations de l'information que vous recueillez et traitez, les dossiers de consentement des personnes concernées, les processus de la protection des données personnelles); Les "mesures techniques et organisationnelles appropriées" que vous devez prendre pour assurer votre conformité avec le règlement. Un index complet du Règlement général sur la protection des données, qui vous permette de trouver les articles pertinents rapidement et facilement. Alan Calder, le fondateur et président exécutif du IT Governance Ltd, est un expert de la cyber-sécurité reconnu internationalement et un auteur de premier plan sur la sécurité de l'information et...

Note: Online resource; Title from title page (viewed January 17, 2017)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

17

Online Resource

Nine steps to success : an ISO 27001:2013 implementation overview (2017)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

ISBN: 9781849289511 , 1849289514

Language: English

Pages: 1 online resource (1 volume)

Edition: North American edition.

Keywords: Computer security ; Management ; Computer security ; Standards ; Data protection ; Standards ; Electronic books ; Electronic books ; local

Abstract: Step-by-step guidance on a successful ISO 27001 implementation from an industry leader Resilience to cyber attacks requires an organization to defend itself across all of its attack surface: people, processes, and technology. ISO 27001 is the international standard that sets out the requirements of an information security management system (ISMS) - a holistic approach to information security that encompasses people, processes, and technology. Accredited certification to the Standard is recognized worldwide as the hallmark of best-practice information security management. Achieving and maintaining accredited certification to ISO 27001 can be complicated, especially for those who are new to the Standard. Author of Nine Steps to Success - An ISO 27001 Implementation Overview, Alan Calder is the founder and executive chairman of IT Governance. He led the world's first implementation of a management system certified to BS 7799, the forerunner to ISO 27001, and has been working with the Standard ever since. Hundreds of organizations around the world have achieved accredited certification to ISO 27001 with IT Governance's guidance, which is distilled in this book. Successfully implement ISO 27001 with this must-have guide Aligned with the latest iteration of ISO 27001:2013, the North American edition of Nine Steps to Success - An ISO 27001 Implementation Overview is ideal for anyone tackling ISO 27001 for the first time. In nine critical steps, the guide covers each element of the ISO 27001 project in simple, non-technical language. There is a special focus on how US organizations can tackle this governance. This book offers guidance throughout implementation: Getting management support and keeping the board's attention. Creating a management framework and performing a gap analysis so that you can clearly understand the controls you already have in place, and identify where you need to focus. Structuring and resourcing your project, including advice on whether to use a consultant or do it yourself, and examining the tools and resources that will make your job easier. Conducting a five-step risk assessment, and creating a Statement of Applicability (SoA) and risk treatment plan (RTP). Guidance on integrating your ISO 27001 ISMS with an ISO 9001 quality management system (QMS) and other management systems. Addressing the documentation challenges you'll face as you create business policies, procedures, work instructions, and records - includin...

Note: Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed May 1, 2018)

URL: https://learning.oreilly.com/library/view/-/9781849289511/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

18

Online Resource

Neun Schritte zum Erfolg : Ein Überblick zur Implementierung der Norm ISO 27001:2013 (2017)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

ISBN: 9781849288699

Language: German

Pages: 1 online resource (1 volume)

Keywords: Data protection ; Standards ; Data protection ; Evaluation ; Electronic books ; Electronic books ; local

Abstract: Schritt-für-Schritt-Anleitung für eine erfolgreiche ISO 27001-Implementierung In sinnvoller, nicht technischer Sprache führt Sie dieser Leitfaden durch die wichtigsten Schritte eines ISO 27001-Projekts, um Ihnen den Erfolg desselben zu garantieren - von der Einführung bis hin zur Zertifizierung: Projektmandat Projektanbahnung Initiierung eines ISMS Management-Framework Grundlegende Sicherheitskriterien Risikomanagement Implementierung Maßnahme, Überwachung und Überprüfung Zertifizierung In dieser dritten Auflage und ausgerichtet auf ISO 27001: 2013 eignet sich das Handbuch ideal für alle jene, die sich zum ersten Mal mit der Norm beschäftigen. "Es ist als hätten Sie einen $ 300 / h-Berater an Ihrer Seite, wenn Sie die Aspekte der Gewinnung von Management-Unterstützung, Planung, Problembestimmung (Scoping), Kommunikation etc. betrachten." Thomas F. Witwicki Mit Hilfe dieses Buches erfahren Sie wie Sie: Unterstützung im Management und die Aufmerksamkeit des Vorstands erhalten; Erstellen Sie ein Management-Framework und eine Gap-Analyse, um klar zu verstehen, was Sie bereits unter Kontrolle haben und worauf ihre Bemühungen abzielen sollen; Strukturieren Sie Ihr Projekt und statten Sie es mit Ressourcen aus - einschließlich der Festlegung, ob Sie einen Berater verwenden werden oder die Tätigkeit selbst durchführen sowie der Überprüfung der vorhandenen Mittel und Ressourcen, die ihre Arbeit erleichtern werden; Führen Sie eine fünfstufige Risikobewertung durch und erstellen Sie eine Aussage zur Anwendbarkeit sowie einen Risikoplan; Integrieren Sie Ihr ISO 27001 ISMS mit einem ISO 9001 QMS und anderem Managementsystem; Adressieren Sie die Dokumentationsherausforderungen, denen Sie im Rahmen der Erstellung von Geschäftsgrundsätzen, Verfahren, Arbeitsanweisungen und Datensätzen begegnen - einschließlich realisierbarer Alternativen zum kostspieligen Trial- und Error Ansatz Kontinuierliche Verbesserung Ihres ISMS, einschließlich interner Prüfungen und Tests sowie Kontrollen durch das Management; Dieses Buch liefert Ihnen die nötige Anleitung zum Verständnis der Anforderungen der Norm und zur Gewährleistung, dass ihr Implementierungsprojekt ein Erfolg wird. Dabei werden sechs Geheimtipps für den Erfolg gegeben. Background Die Erlangung und Aufrechterhaltung der akkreditierten Zertifizierung nach der internationalen Norm für Informationssicherheit-Management - ISO 27001 - kann ein kompliziertes Vorhaben darstellen, besonders dann, wenn die Norm...

Note: Includes bibliographical references. - Description based on online resource; title from title page (viewed March 16, 2017)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

19

Online Resource

EU-DSGVO : Eine Kurzanleitung (2017)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

ISBN: 9781849288651

Language: German

Pages: 1 online resource (1 volume) , illustrations

Keywords: Data protection ; Law and legislation ; European Union countries ; Privacy, Right of ; European Union countries ; Computer security ; Law and legislation ; Electronic books ; Electronic books ; local

Abstract: Eine klare, prägnante Einführung zur EU-Datenschutz-Grundverordnung (DSGVO) Die EU-Datenschutzrichtlinie wird den Datenschutz vereinheitlichen und den Datenverkehr in der gesamten EU vereinfachen, wenn sie im Mai 2018 in Kraft tritt und für jede Organisation auf der Welt, die mit EU-Bürgern geschäftlich zu tun hat, zur Anwendung gelangen. Die Verordnung hat eine Reihe wichtiger Änderungen für Organisationen eingeführt. EU-DSG-VO - Eine Kurzanleitung bietet eine Übersicht über die Änderungen, welche Sie in ihrer Organisation vorzunehmen haben, um den neuen Vorschriften zu entsprechen. Produktübersicht EU-DSG-VO - Eine Kurzanleitung, liefert: Eine kurze Geschichte des Datenschutzes und der nationalen Datenschutzgesetze in der EU (wie die britische DPA, deutsche BDSG und französische LIL). In der Datenschutz-Grundverordnung DSG-VO [General Data Proetection Regulation, GDPR] verwendeten Begriffe und Definitionen einschließlich Erklärungen. Die wichtigsten Anforderungen der DSG-VO, unter anderem: Welche Geldbußen gelten für welche Artikel; Die sechs Grundsätze, die für die Erhebung und Verarbeitung personenbezogener Daten gelten sollten; Die Anwendbarkeit der Verordnung; Rechte der betroffenen Personen; Datenschutz-Folgenabschätzung (DPIA); Die Aufgabe des Datenschutzbeauftragten (DPO) und ob Sie einen solchen benötigen; Datenschutzverletzungen und Benachrichtigung der Aufsichtsbehörden sowie betroffenen Personen; Verpflichtungen für internationale Datenübertragungen. Wie die Verordnungsvorschriften eingehalten werden können, einschließlich: - Verständnis Ihrer Daten sowie wo und wie diese verwendet werden (z.B. Cloud-Anbieter, physische Datensätze); Verständnis Ihrer Daten sowie wo und wie diese verwendet werden (z.B. Cloud-Anbieter, physische Datensätze); Die Dokumente, die Sie verwalten müssen (z. B. Aussagen über die gesammelten und verarbeiteten Informationen, Aufzeichnungen über die Zustimmung der betroffenen Personen, Verfahren für den Schutz personenbezogener Daten); Die "geeigneten technischen und organisatorischen Maßnahmen", die Sie ergreifen müssen, um die Einhaltung der Verordnung zu gewährleisten. Ein vollständiges Verzeichnis der Verordnung für ein einfaches Auffinden der entsprechenden Artikel. Über den Autor Alan Calder, Gründer und Vorstandsvorsitzender der IT Governance Ltd, ist ein international anerkannter Cyber-Security-Experte und führender Autor auf dem Gebiet Informationssicherheit und IT-Governance. Er schrieb den endg...

Note: Includes bibliographical references. - Description based on online resource; title from title page (viewed March 16, 2017)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

20

Online Resource

Nueve pasos para el éxito : Una visión de conjunto para la aplicación de la ISO 27001:2013 (2017)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781849289306

Language: English , Spanish

Pages: 1 online resource (139 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Orientación paso a paso sobre la implementación de la ISO 27001 con éxito En lenguaje sencillo y nada técnico, esta guía le llevará por los pasos clave de un proyecto de la ISO 27001 para asegurar su éxito, desde el comienzo a la certificación: Encargo del proyecto Inicio del proyecto Inicio del SGSI Marco de la gestión Criterios de seguridad de referencia Gestión del riesgo Implementación Medición, monitorización y revisión Certificación Ahora en esta tercera edición y alineada con la ISO 27001:2013, esta guía es ideal para cualquiera que emprenda la norma por primera vez. "Es como tener un consultor de $300/h codo con codo mientras considera los aspectos de obtener apoyo de la gerencia, la planificación, el alcance, la comunicación, etc." Thomas F. Witwicki Con este libro, averiguará cómo: Conseguir apoyo de la gerencia y mantener la atención del consejo; Crear un marco de gestión y realizar un análisis de las deficiencias, para que pueda entender claramente los controles que ya tiene implantados e identificar dónde tiene que centrar sus esfuerzos; Estructurar y conseguir recursos para su proyecto, incluido le asesoramiento sobre si utilizar consultores o hacerlo usted mismo, y un examen de las herramientas y recursos disponibles que harán su trabajo más fácil; Llevar a cabo una evaluación del riesgo en cinco pasos, y crear una Declaración de aplicabilidad y un plan de tratamiento del riesgo; Integrar su SGSI de la ISO 27001 con un SGC de la ISO 9001 y otros sistemas de calidad; Abordar los retos de la documentación que afrontará cuando cree políticas empresariales, procedimientos, instrucciones de trabajo y registros, incluidas alternativas viables para un enfoque de prueba y error costoso; Mejorar continuamente su SGSI, incluida la auditoría y prueba internas, y la revisión gerencial; Este título le dará la orientación que necesita para entender los requisitos de la norma y asegurarse de que su proyecto de implementación sea un éxito, lo cual incluye los seis secretos para un éxito de certificación. Experiencia Lograr y mantener una certificación acreditada con la ISO 27001, la norma internacional que expone los requisitos de un SGSI, puede ser una tarea complicada, especialmente para los implementadores que sean nuevos con la norma. El autor, Alan Calder, conoce la ISO 27001 al derecho y al revés: es el fundador y presidente ejecutivo de IT Governance, y dirigió la implementación del primer sistema de gestión en lograr u...

Note: Online resource; Title from title page (viewed June 8, 2017) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

21

Online Resource

ISO27001/ISO27002 : Una guía de bolsillo (2017)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781849289184

Language: English , Spanish

Pages: 1 online resource (83 pages)

Edition: 1st edition

Parallel Title: Erscheint auch als

Keywords: Data protection Standards ; Data protection Evaluation ; Electronic books ; local ; Protection de l'information (Informatique) ; Normes ; Protection de l'information (Informatique) ; Évaluation ; COMPUTERS ; Security ; General ; Data protection ; Standards ; Electronic books ; Electronic books ; Electronic books

Abstract: Proteja la información de su organización con la ISO27001:2013 La información es uno de los recursos más importantes de su organización y mantener esa información segura es vital para su negocio. Esta guía de bolsillo útil es una visión de conjunto esencial sobre las dos normas de la seguridad de la información clave que cubren los requisitos formales (ISO27001:2013) para crear un Sistema de Gestión de la Seguridad de la Información (SGSI) y las recomendaciones de mejores prácticas (ISO27002:2013) para aquellos responsables de iniciar, implementar o mantenerlo. Un SGSI basado en la ISO27001/ISO27002 ofrece un sinfín de beneficios: Eficacia mejorada implantando procedimientos y sistemas de seguridad de la información, que le permiten concentrarse en su actividad empresarial principal. Protege sus activos de información de un amplio abanico de ciberamenazas, actividad criminal, compromiso de información privilegiada y fallo del sistema. Gestione sus riesgos sistemáticamente y establezca planes para eliminar o reducir las ciberamenazas. Permite la detección temprana de amenazas o errores de procesamiento y una solicuón más rápida ¿Siguiente paso para la certificación? Puede organizar una auditoría independiente de su SGSI frente a las especificaciones de la ISO27001 y, si su SGSI se ajusta, finalmente logra la certificación acreditada. Publicamos una variedad de libros y herramientas de documentación del SGSI (como Nueve pasos para el éxito) para ayudarle a lograr esto. Índice La familia de normas de la seguridad de la información ISO-/IEC 27000; Historia de las Normas; Especificación frente al Código de Prácticas; Proceso de certificación; El SGSI y la ISO27001; Visión de conjunto de la ISO/IEC 27001:2013; Visión de conjunto de la ISO/IEC 27002:2013; Documentación y registros; Responsabilidad de la gestión; Enfoque del proceso y el ciclo PDCA; Contexto, política y alcance; Evaluación del riesgo; La declaración de aplicabilidad (SoA); Implementación; 15. Verificar y actuar; Revisión gerencial; ISO27001; Anexo A Acerca del autor Alan Calder es el fundador y presidente ejecutivo de IT Governance Ltd, una empresa de información, asesoramiento y consultoría que ayuda a los consejos de administración de empresas a abordar problemas de gobierno de TI, gestión del riesgo, cumplimiento y seguridad de la información. Tiene muchos años de experiencia en alta gerencia en los sectores públicos y privados. Una guía de bolsillo que proporciona una visi...

Note: Online resource; Title from title page (viewed June 1, 2017) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

22

Online Resource

ISO27001/ISO27002 : Un guide de poche (2017)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781849289061

Language: English , French

Pages: 1 online resource (84 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Protégez l'information de votre organisation grâce à l'ISO27001 :2013 L'information est l'une des ressources les plus importantes de votre organisation, et la conservation de cette information est vitale pour votre entreprise Ce guide de poche pratique est un aperçu essentiel de deux normes clés en matière de sécurité de l'information, il couvre les exigences formelles (ISO27001:2013) pour la création d'un système de management de la sécurité de l'information (SMSI), ainsi que les recommandations des meilleures pratiques (ISO27002:2013) pour les responsables du lancement, de la mise en œuvre ou du suivi. Un SMSI se basant sur l'ISO27001/ISO27002 offre une foule d'avantages: Une amélioration de l'efficacité, en mettant en place des systèmes et des procédures de sécurité de l'information vous permettant de vous concentrer davantage sur votre activité principale. Il protège vos actifs d'information d'un large éventail de cyber-attaques, d'activités criminelles, de compromis internes et de défaillance du système. Gérez vos risques de façon systémique et établissez des plans pour éliminer ou réduire les menaces cybernétiques. Il permet une détection plus rapide des menaces ou des erreurs de traitement, et une résolution plus rapide. Prochaine étape vers la certification ? Vous pouvez organiser un audit indépendant de votre SMSI en fonction des spécifications de l'ISO27001 et, si votre SMSI est conforme, obtenir éventuellement une certification accréditée. Nous publions une série de boîtes à outils de documentations et des ouvrages sur le SMSI (tels que Neuf étapes vers le succès) pour vous aider à atteindre cet objectif. Sommaire La famille ISO/CEI 27000 des normes de sécurité de l'information ; Historique des normes ; Spécification ou Code de bonne pratique ; Procédure de certification ; Le SMSI et l'ISO27001 ; Aperçu de l'ISO/CEI 27001 :2013 ; Aperçu de l'ISO/CEI 27002 :2013 ; Documentation et enregistrements ; Responsabilités du management ; Approche procédurale et cycle PDCA ; Contexte, politique et domaine d'application ; Évaluation des risques ; La Déclaration d'Applicabilité ; Mise en œuvre ; Contrôler et agir ; Examen par le management ; ISO27001 Annexe A Concernant l'auteur Alan Calder est le fondateur et le président exécutif d'IT Governance Ltd, un cabinet d'information, d'avis et de conseils qui aide les conseils d'administration des entreprises à s'attaquer aux questions de gouvernance informatique, de gestion des risques,...

Note: Online resource; Title from title page (viewed April 11, 2017) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

23

Online Resource

Neuf étapes vers le succès : Un aperçu de la mise en œuvre de la norme ISO 27001:2013 (2017)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781849289221

Language: English , French

Pages: 1 online resource (139 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Guide étape par étape vers une mise en œuvre réussie de la norme ISO 27001 Rédigé dans un langage pratique et non technique, ce guide vous guidera au travers des étapes clés d'un projet ISO 27001 afin d'en assurer le succès - de la création à la certification: Mandat du projet Lancement du projet Lancement du SMSI Cadre de management Critères de sécurité de base Gestion du risque Mise en œuvre Mesures, surveillance et réexamen Certification Aujourd'hui dans sa troisième édition et conforme à l'ISO 27001:2013, ce guide est idéal pour toute personne qui aborderait cette norme pour la première fois. « C'est comme avoir un consultant à 300 $/heure sous la main lorsque vous abordez les différentes questions relatives à la planification, au domaine d'application, à la communication, à la façon d'obtenir l'appui de la direction, etc. » Thomas F. Witwicki Avec ce livre, vous découvrirez comment: Obtenir le soutien de la direction et garder l'attention du conseil d'administration; Créer un cadre de gestion et effectuer une analyse des manques, afin de pouvoir clairement comprendre les contrôles que vous avez déjà mis en place et identifier où concentrer vos efforts; Structurer et mettre en valeur votre projet - y compris des conseils pour faire appel à des consultants ou le faire vous-même, et un examen des outils et des ressources disponibles qui faciliteront votre travail; Mener une évaluation des risques en cinq étapes et établir une déclaration d'applicabilité ainsi qu'un plan de traitement des risques; Intégrer votre SMSI ISO 27001 à un SGQ ISO 9001 et à d'autres systèmes de gestion; Répondre aux défis que vous devrez relever en matière de documentation lorsque vous créez des politiques d'entreprise, des procédures, des instructions de travail et des enregistrements : dont des alternatives viables à une approche coûteuse par « essais et erreurs » ; Améliorer continuellement votre SMSI, y compris par des audits et des tests internes, et l'examen par la direction; Cet ouvrage vous offrira les conseils dont vous avez besoin pour comprendre les exigences de la norme et vous assurer que votre projet de mise en œuvre est un succès. Il comprend six secrets pour une certification réussie. Historique L'obtention et le maintien d'une certification accréditée selon la norme ISO 27001, la norme internationale qui établit les exigences d'un SMSI, peut s'avérer une tâche compliquée, en particulier pour les responsables de la mise en œuvre qui d...

Note: Online resource; Title from title page (viewed April 20, 2017) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

24

Online Resource

ISO27001/ISO27002 : Ein Taschenführer (2017)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781849289108

Language: English , German

Pages: 1 online resource (88 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Schützen Sie die Informationen Ihrer Organisation mit ISO27001:2013 Informationen gehören zu den wichtigsten Ressourcen Ihrer Organisation und ihre Sicherheit ist überlebenswichtig für Ihr Geschäft. Dieser praktische Taschenführer bietet einen grundlegenden Überblick über die beiden wichtigsten Informationssicherheitsstandards mit den formalen Anforderungen (ISO27001:2013) zum Erstellen eines Informationssicherheit-Managementsystems (ISMS) sowie Empfehlungen zu besten Verfahren (ISO27002:2013) für alle jenen, die dieses Einführen, Umsetzen oder Verwalten müssen. Ein auf der Norm ISO27001/ISO27002 basierendes ISMS bietet zahlreiche Vorteile: Verbessern Sie Ihre Effizienz durch Informationssicherheitssysteme und vorgehensweisen, dank derer Sie sich auf ihr Kerngeschäft konzentrieren können Schützen Sie Ihre Informationswerte vor einer Reihe von Cyber-Bedrohungen, krimineller Aktivitäten, Gefährdungen durch Insider und Systemausfälle Managen Sie Ihre Risiken systematisch und erstellen Sie Pläne zum Beseitigen oder Verringern von Cyber-Bedrohungen Erkennen Sie Bedrohungen oder Prozessfehler eher und beheben Sie sie schneller Der nächste Schritt zur Zertifizierung? Sie können einen unabhängigen Audit Ihres ISMS anhand der Spezifikationen der Norm ISO27001 vornehmen lassen und, wenn dieser die Konformität Ihres ISMS bestätigt, unter Umständen einen akkreditierte Zertifizierung erhalten. Wir veröffentlichen eine Reihe von Toolkits und Büchern zum Thema ISMS (wie „Nine Steps to Success“), die Sie dabei unterstützen. Inhalt Die ISO/IEC 27000 Familie von Informationssicherheitsstandards; Hintergrund der Normen; Unterschied Spezifikation - Leitfaden; Zertifizierungsprozess; Die ISMS und ISO27001; Überblick über ISO/IEC 27001:2013; Überblick über ISO/IEC 27002:2013; Dokumente und Aufzeichnungen; Führungsverantwortung; Prozessansatz und PDCA-Zyklus; Kontext, Politik und Anwendungsbereich; Risikobeurteilung; Die Erklärung zur Anwendbarkeit; Umsetzung; Überprüfung und Handeln; Managementprüfung; ISO27001 Anhang A; Über den Autor Alan Calder ist Gründer und Vorstandsvorsitzender der IT Governance Ltd, ein Informations-, Analyse- und Beratungsunternehmen, das Unternehmen bei der Verwaltung von IT-Governance-, Risikomanagement-, Compliance- und Informationssicherheitsfragen unterstützt. Er verfügt über eine langjährige Erfahrung im Senior Management im privaten und öffentlichen Sektor. Dieser praktische Taschenführer bietet einen grundlegenden Übe...

Note: Online resource; Title from title page (viewed April 11, 2017) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

25

Online Resource

EU GDPR : a pocket guide (2016)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 volume)

Keywords: Data protection ; Law and legislation ; European Union countries ; Privacy, Right of ; European Union countries ; Computer security ; Law and legislation ; Electronic books ; Electronic books ; local

Abstract: EU GDPR - A Pocket Guide, second edition provides an accessible overview of the changes you need to make in your organisation to comply with the new law. The EU General Data Protection Regulation unifies data protection across the EU. It applies to every organisation in the world that does business with EU residents. The Regulation introduces a number of key changes for organisations - and the change from DPA compliance to GDPR compliance is a complex one. New for the second edition: Updated to take into account the latest guidance from WP29 and ICO. Improved guidance around related laws such as the NIS Directive and the future ePrivacy Regulation. This pocket guide also sets out: A brief history of data protection and national data protection laws in the EU (such as the UK DPA, German BDSG and French LIL). The terms and definitions used in the GDPR, including explanations. The key requirements of the GDPR How to comply with the Regulation A full index of the Regulation, enabling you to find relevant Articles quickly and easily. This guide is the ideal resource for anyone wanting a clear, concise primer on the EU GDPR.

Note: Description based on online resource; title from title page (Safari, viewed August 26, 2016)

URL: https://learning.oreilly.com/library/view/-/9781849288330/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

26

Online Resource

EU GDPR & EU-US Privacy Shield : a pocket guide (2016)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

ISBN: 9781849288736

Language: English

Pages: 1 online resource (1 volume) , illustrations

Keywords: Data protection ; Law and legislation ; European Union countries ; Privacy, Right of ; European Union countries ; Computer security ; Law and legislation ; European Union countries ; Electronic books ; Electronic books ; local

Abstract: A concise introduction to EU GDPR and EU-US Privacy Shield The EU General Data Protection Regulation will unify data protection and simplify the use of personal data across the EU when it comes into force in May 2018. It will also apply to every organization in the world that processes personal information of EU residents. US organizations that process EU residents' personal data will be able to comply with the GDPR via the EU-US Privacy Shield (the successor to the Safe Harbor framework), which permits international data transfers of EU data to US organizations that self-certify that they have met a number of requirements. EU GDPR & EU-US Privacy Shield - A Pocket Guide provides an essential introduction to this new data protection law, explaining the Regulation and setting out the compliance obligations for US organizations in handling data of EU citizens, including guidance on the EU-US Privacy Shield. Product overview EU GDPR & EU-US Privacy Shield - A Pocket Guide sets out: A brief history of data protection and national data protection laws in the EU (such as the UK DPA, German BDSG and French LIL). The terms and definitions used in the GDPR, including explanations. The key requirements of the GDPR, including: Which fines apply to which Articles; The six principles that should be applied to any collection and processing of personal data; The Regulation's applicability; Data subjects' rights; Data protection impact assessments (DPIAs); The role of the data protection officer (DPO) and whether you need one; Data breaches, and the notification of supervisory authorities and data subjects; Obligations for international data transfers. How to comply with the Regulation, including: Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records); The documentation you need to maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data); The "appropriate technical and organizational measures" you need to take to ensure your compliance with the Regulation. The history and principles of the EU-US Privacy Shield, and an overview of what organizations must do to comply. A full index of the Regulation, enabling you to find relevant Articles quickly and easily.

Note: Includes bibliographical references and index. - Description based on online resource; title from title page (Safari, viewed July 26, 2017)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

27

Online Resource

Nine steps to success : an ISO 27001:2013 implementation overview (2016)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 volume)

Edition: Third edition.

Keywords: Data protection ; Computer security ; Business enterprises ; Computer networks ; Security measures ; Electronic books ; Electronic books ; local

Abstract: In Nine Steps to Success - An ISO 27001 Implementation Overview, Alan provides a comprehensive overview of how to lead a successful ISO 27001-compliant ISMS implementation in just nine steps.

Note: Previous edition: 2013. - Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed May 18, 2016)

URL: https://learning.oreilly.com/library/view/-/9781849288255/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

28

Online Resource

Selling information security to the board : a primer (2016)

Calder, Alan [VerfasserIn] 1957-

Ely, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 volume) , illustrations

Edition: Second edition.

Keywords: Business enterprises ; Computer networks ; Security measures ; Selling ; Computer security ; Information technology ; Electronic books ; Electronic books ; local

Abstract: This pocket guide will help you with the essential sales skills that, persuade company directors to commit money and resources to your information security initiatives.

Note: Previous edition: 2010. - Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed May 20, 2016)

URL: https://learning.oreilly.com/library/view/-/9781849288019/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

29

Online Resource

Reglamento General de Protección de Datos (RGPD) de la UE : Una guía de bolsillo (2016)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

ISBN: 9781849288859

Language: Spanish

Pages: 1 online resource (1 volume) , illustrations

Keywords: Data protection ; Law and legislation ; European Union countries ; Privacy, Right of ; European Union countries ; Computer security ; Law and legislation ; Electronic books ; Electronic books ; local

Abstract: Una cartilla clara y concisa sobre el RGPD El Reglamento General de Protección de Datos de la UE (RGPD) unificará la protección de datos y facilitará el flujo de datos personales en toda la UE a partir del 25 de mayo de 2018, cuando sustituirá automáticamente a las leyes nacionales de protección de datos de los estados miembros de la UE. La ley también se aplicará a todas las organizaciones en el mundo que hacen negocios con residentes de la UE. El Reglamento introduce una serie de cambios clave para todas las organizaciones que procesan los datos personales de los residentes de la UE. Reglamento General de Protección de Datos (RGPD) de la UE Una guía de bolsillo proporciona una visión general accesible de los cambios que necesitas hacer en tu organización para cumplir la nueva ley. Reglamento General de Protección de Datos (RGPD) de la UE Una guía de bolsillo establece: Una introducción a la protección de datos y leyes nacionales de protección de datos en la UE (como el BDSG en Alemania, LIL en Francia y DPA en el Reino Unido). Los términos y definiciones utilizados en el RGPD Los principales requisitos del RGPD; Multas aplicadas a cada artículo Seis principios a seguir para cada recopilación y tratamiento de datos personales; Aplicabilidad del Reglamento; Derechos de los interesados; Evaluación del impacto de la protección de datos Papel del responsable del tratamiento Infracciones y notificación a las autoridades de supervisión y a los interesados Obligaciones para transferencias internacionales de datos Cómo cumplir el Reglamento: Entender los datos de la organización: dónde están y cómo se utilizan Documentación para completar Medidas técnicas a seguir para cumplir el Reglamento Índice del Reglamento Alan Calder, fundador y presidente ejecutivo de IT Governance Ltd, es un experto en seguridad cibernética reconocido internacionalmente y un autor en temas de seguridad de la información y gobernanza de TI. Alan es coautor de IT Governance: An International Guide to Data Security and ISO27001/ISO27002, el manual elegido por la Open University para el curso de posgrado en seguridad de la información. Ha participado en el desarrollo de una amplia gama de cursos de formación en gestión de la seguridad de la información, acreditados por la International Board for IT Governance Qualifications (IBITGQ). Alan ha consultado sobre seguridad de datos para numerosos clientes en el Reino Unido y en el extranjero.

Note: Includes bibliographical references. - Description based on online resource; title from title page (viewed March 16, 2017)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

30

Online Resource

PCI DSS : a pocket guide (2015)

Calder, Alan [VerfasserIn] 1957- ; Williams, Geraint [MitwirkendeR]

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 volume)

Edition: Fifth edition.

Keywords: Data protection ; Standards ; Electronic commerce ; Security measures ; Computer networks ; Security measures ; Liability for credit information ; Credit cards ; Electronic books ; Electronic books ; local

Abstract: An ideal introduction and a quick reference to PCI DSS version 3.2 All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal financial information and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. All organisations that accept, store, transmit or process cardholder data must comply with the Standard; failure to do so can have serious consequences for their ability to process card payments. Product overview Co-written by a PCI QSA (Qualified Security Assessor) and updated to cover PCI DSS version 3.2, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organisation involved with payment card processing. Coverage includes: An overview of PCI DSS v3.2. A PCI self-assessment questionnaire (SAQ). Procedures and qualifications. An overview of the Payment Application Data Security Standard (PA-DSS). Contents What is the Payment Card Industry Data Security Standard (PCI DSS)? What is the scope of the PCI DSS? Compliance and compliance programmes Consequences of a breach How do you comply with the requirements of the Standard? Maintaining compliance PCI DSS - The Standard Aspects of PCI DSS compliance The PCI self-assessment questionnaire Procedures and qualifications The PCI DSS and ISO/IEC 27001 The Payment Application Data Security Standard (PA-DSS) PIN transaction security (PTS) About the authors Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. He leads the IT Governance CISSP Accelerated Training Programme, as well as the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and Cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH and CHFI.

Note: "Compliance series"--Cover. - Description based on online resource; title from title page (Safari, viewed August 26, 2016)

URL: https://learning.oreilly.com/library/view/-/9781849288446/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

31

Online Resource

PCI DSS : a pocket guide (2015)

Calder, Alan [VerfasserIn] 1957- ; Williams, Geraint [MitwirkendeR]

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 volume)

Edition: Fourth edition.

Keywords: Data protection ; Standards ; Electronic commerce ; Security measures ; Computer networks ; Security measures ; Liability for credit information ; Credit cards ; Electronic books ; Electronic books ; local

Abstract: An ideal introduction and a quick reference to PCI DSS version 3.1 All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal financial information and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. All organizations that accept, store, transmit, or process cardholder data must comply with the Standard; failure to do so can have serious consequences for their ability to process card payments. Product overview Co-written by a PCI QSA (Qualified Security Assessor) and updated to cover PCI DSS version 3.1, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organization involved with payment card processing. Coverage includes: An overview of PCI DSS v3.1. A PCI self-assessment questionnaire (SAQ). Procedures and qualifications. An overview of the Payment Application Data Security Standard (PA-DSS). Contents What is the Payment Card Industry Data Security Standard (PCI DSS)? What is the scope of the PCI DSS? Compliance and compliance programmes Consequences of a breach How do you comply with the requirements of the Standard? Maintaining compliance PCI DSS - The Standard Aspects of PCI DSS compliance The PCI self-assessment questionnaire Procedures and qualifications The PCI DSS and ISO/IEC 27001 The Payment Application Data Security Standard (PA-DSS) PIN transaction security (PTS) About the authors Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance, and information security issues. He has many years of senior management experience in the private and public sectors. Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. He leads the IT Governance CISSP Accelerated Training Programme, as well as the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and Cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH, and CHFI.

Note: "Compliance series"--Cover. - Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed June 10, 2016)

URL: https://learning.oreilly.com/library/view/-/9781849287838/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

32

Online Resource

ISO27001/ISO27002 : a pocket guide (2013)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, United Kingdom : IT Governance Publishing

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 volume)

Edition: Second edition.

Keywords: Computer security ; Standards ; Data protection ; Electronic books ; Electronic books ; local

Abstract: Information is one of your organisation's most important resources and keeping that information secure is vital to your business. An information security management system (ISMS) based on ISO27001/ISO27002 offers a host of benefits: Improved efficiency by having information security systems and procedures in place, enabling you to focus more on your core business. Protects your information assets from a wide range of cyber threats, criminal activity, insider compromise and system failure. Manage your risks systematically and establish plans to eliminate or reduce cyber threats. Enables earlier detection of threats or processing errors, and faster resolution. This handy pocket guide is an essential overview of two key information security standards that cover the formal requirements (ISO27001:2013) for creating an information security management system (ISMS), and the best-practice recommendations (ISO27002:2013) for those responsible for initiating, implementing or maintaining it.

Note: Previous edition: 2008. - Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed June 10, 2016)

URL: https://learning.oreilly.com/library/view/-/9781849285247/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

33

Online Resource

ISO27001 / ISO27002, A Pocket Guide, Second Edition (2013)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (78 pages)

Edition: 2nd edition

Keywords: Electronic books ; local

Abstract: Protect your organisation's information assets using ISO27001:2013 Information is one of your organisation's most important resources. Keeping it secure is therefore vital to your business. This handy pocket guide is an essential overview of two key information security standards that cover the formal requirements (ISO27001:2013) for creating an Information Security Management System (ISMS), and the best-practice recommendations (ISO27002:2013) for those responsible for initiating, implementing or maintaining it. Furthering the objectives of your organisation Information security means much more than a technology solution, and requires buy-in from senior managers and the collaboration of all staff in the organisation. For this reason, ISO27001 is not a one-size-fits solution, nor is it designed to be a static, fixed entity. By looking at ISO27001 and ISO27002 together, this pocket guide gives a wider view of what it means to implement an ISO27001 ISMS. Creating an ISMS based on ISO27001/ISO27002 will help you to: Improve efficiency by having systems and procedures in place that mean people spend less time 'fire-fighting' and reacting in an ad-hoc way to security incidents. Protect your information assets from a wide range of cyber threats, such as criminal activity and fraud, user errors, outside attack, insider compromise and system failure. Manage risk systematically and put in place a plan to eliminate or reduce cyber threats to your organisation. Prepare for the worst as ISO27001 requires you to monitor information security events, enabling earlier detection of threats or processing errors, and faster resolution. Completely up to date with the latest 2013 release of ISO27001, ISO27001/ISO27002: A Pocket Guide covers: The ISO/IEC 27000:2013 family of information security standards Background to the standards certification process The ISMS and ISO27001:2013 Specification vs. Code of Practice Documentation & Records Management Responsibility Policy & Scope Risk Assessment Implementation Continual Improvement Next step to certification? If your ISMS conforms to the specification of ISO27001, you can arrange for an independent audit of the ISMS against that specification and eventually achieve certification. We publish a range of ISMS documentation toolkits and books such as Nine Steps to Success, to help you do this. Buy this book and start securing your information assets today

Note: Online resource; Title from title page (viewed October 3, 2013) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781849285230/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

34

Online Resource

Nine Steps to Success : An ISO27001:2013 Implementation Overview, Second Edition (2013)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (98 pages)

Edition: 2nd edition

Keywords: Electronic books ; local

Abstract: Take your first step with Nine Steps Completely up to date with ISO27001:2013, this is the new edition of the original no-nonsense guide to successful ISO27001 certification. Ideal for anyone tackling ISO27001 for the first time, Nine Steps to Success outlines the nine essential steps to an effective ISMS implementation. Nine critical steps that mean the difference between project success and abject failure. Step-by-step advice for ISO27001: 2013 project success Based on his many years of first-hand experience with ISO27001, Alan Calder covers every single element of the ISO27001 project in simple, non-technical language, including: how to get management and board buy-in how to get cross-organizational, cross functional buy-in the gap analysis: how much do you really need to do? how to integrate with ISO9001 and other management systems how to structure and resource your project use consultants or do it yourself? the timetable and project plan risk assessment methodologies and tools the documentation challenges how to choose a certification body Read this book and discover the secrets of successful ISO27001:2013 certification

Note: Online resource; Title from title page (viewed October 3, 2013) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781849285117/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

35

Online Resource

PCI DSS : a pocket guide (2013)

Calder, Alan [VerfasserIn] 1957- ; Williams, Geraint [MitwirkendeR]

Ely, Cambridgeshire, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

ISBN: 9781849285551 , 1849285551

Language: English

Pages: 1 online resource (1 v.)

Edition: 3rd ed.

Keywords: Data protection ; Standards ; Electronic commerce ; Security measures ; Computer networks ; Security measures ; Liability for credit information ; Credit cards ; Electronic books ; Electronic books ; local

Abstract: Get started with PCI DSS Protect your customers' card data All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal payment card details and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. Failing to comply with the standard can have serious consequences for your ability to process card payments. An ideal introduction and a quick reference to PCI DSS, including version 3.0 Co-written by a PCI QSA (Qualified Security Assessor) and updated to also cover PCI DSS version 3.0, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organisation who deals with payment card processing. Coverage includes: an overview of Payment Card Industry Data Security Standard V3.0 the consequences of a breach how to comply with the standard a PCI self-assessment questionnaire (SAQ) procedures and qualifications an overview of the Payment Application Data Security Standard Buy this pocket guide and get to grips with PCI DSS, including version 3.0 This title is part of The ITGP Compliance Series , a suite of essential guides to regulatory and legal compliance. Designed to help organisations in their efforts to address issues such as PCI DSS, anti-bribery policy management and data protection, this series is indispensable for anyone seeking to align their policies and procedures with laws and regulations. The guides also provide a quick, cost-effective way to raise awareness of key issues among staff, partners and external customers. About the Authors Alan Calder is the Founder and Executive Chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. Geraint has provided consultancy on implementation of the PCI DSS and conducted audits with a wide range of merchants and service providers. He has performed penetration testing and vulnerability assessments for various clients. Gera...

Note: "Compliance series"--Cover. - Description based on online resource; title from title page (Safari, viewed Apr. 8, 2014)

URL: https://learning.oreilly.com/library/view/-/9781849285551/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

36

Online Resource

ISO27000 and information security : a combined glossary (2010)

Calder, Alan [VerfasserIn] 1957- ; Watkins, Steve G [MitwirkendeR]

Ely, Cambridgeshire, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Parallel Title: Erscheint auch als

Keywords: Computer security ; Dictionaries ; Computer security ; Terminology ; Business enterprises ; Computer networks ; Security measures ; Auditing ; Dictionaries ; Computer security ; Management ; Standards ; Dictionaries ; Data protection ; Management ; Standards ; Dictionaries ; Information technology ; Standards ; Dictionaries ; Confidential business information ; Dictionaries ; Electronic books ; Electronic books ; local

Abstract: Get to grips with key ISO27000 and information security vocabulary with this indispensable, concise pocket guide! Information security is of crucial importance to your business. If you don't know the difference between a cookie and a worm, or between war-chalking and digital watermarking, you are sure to find this guide enlightening. The strength of the book is that it is a combined glossary, enabling you to find explanations of geek slang, procedural language and acronyms all in one place. The combined glossary is a revised edition of the popular A Dictionary of Information Security Terms , and this new edition has been able to draw on the definitions provided in ISO/IEC 27000:2009 - Security Techniques - Information security management systems - Overview and vocabulary . What's new? Further definitions are sourced from ISO/IEC Guide 73:2002 to provide you with authoritative explanations of those information security terms that are used across the ISO framework. The combined glossary has taken account of an important change on the information security scene, and contains some new acronyms and definitions from the Payment Card Industry Data Security Standard (PCI DSS). Benefits to business include: Understand what everyone else is talking about The fact that you're reading this suggests you take an interest in information security. Whether you work in business or in the public sector, it's an issue that's likely to come up. If you're given a position paper to read on information security, or have to attend a briefing, you will want to form your own opinion, particularly when the discussion directly affects your company. Meekly accepting arguments you don't understand is never a good idea, especially not when large sums of money are involved. With the clear, reliable definitions contained in this combined glossary, you can finally get to grips with the problem. Understand what you're talking about Any modern organisation relies on its IT systems. Although IT may not be your speciality, cybercrime affects all of us. So, wherever you work, if you are in a position of responsibility, then at some point, you will need to form a view on information security and put your point across. You can use this combined glossary to bring your arguments into sharper focus. The pocket guide will prove invaluable not only to business executives but also to civil servants and lawyers, as well as to people working in financial services and the media. Assist ISO im...

Note: "First published in the United Kingdom in 2007 (as A Dictionary of Information Security Terms, Abbreviations and Acronyms)"--T.p. verso. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9781849281652/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

37

Online Resource

Information security risk management for ISO27001/ISO27002 (2010)

Calder, Alan [VerfasserIn] 1957- ; Watkins, Steve G [MitwirkendeR]

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Computer networks ; Security measures ; Risk management ; Electronic books ; Electronic books ; local

Abstract: Plan and carry out a risk assessment to protect your business information. In the knowledge economy, organisations have to be able to protect their information assets. Information security management has, therefore, become a critical corporate discipline. The international code of practice for an information security management system (ISMS) is ISO27002. As the code of practice explains, information security management enables organisations to 'ensure business continuity, minimise business risk, and maximise return on investments and business opportunities'. Information Security Management System requirements The requirements for an ISMS are specified in ISO27001. Under ISO27001, a risk assessment has to be carried out before any controls can be selected and implemented, making risk assessment the core competence of information security management. This book provides information security and risk management teams with detailed, practical guidance on how to develop and implement a risk assessment in line with the requirements of ISO27001. International best practice Drawing on international best practice, including ISO/IEC 27005, NIST SP800-30 and BS7799-3, the book explains in practical detail how to carry out an information security risk assessment. It covers key topics, such as risk scales, threats and vulnerabilities, selection of controls, and roles and responsibilities, and includes advice on choosing risk assessment software. Benefits of a risk assessment Stop the hacker . With a proper risk assessment, you can select appropriate controls to protect your organisation from hackers, worms and viruses, and other threats that could potentially cripple your business. Achieve optimum ROI. Failure to invest sufficiently in information security controls is 'penny wise, pound foolish', since, for a relatively low outlay, it is possible to minimise your organisation's exposure to potentially devastating losses. However, having too many safeguards in place will make information security system expensive and bureaucratic; so without accurate planning your investment in information security controls can become unproductive. With the aid of a methodical risk assessment, you can select and implement your information security controls to ensure that your resources will be allocated to countering the major risks to your organisation. In this way, you will optimise your return on investment. Build customer confidence. Protecting your information security ...

Note: Publication information taken from resource description page (Safari, viewed August 19, 2013). - Includes bibliographical references. - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281492/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

38

Online Resource

Selling Information Security to the Board : A Primer (2010)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (64 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Information technology plays a fundamental role in the operations of any modern business. While the confidentiality and integrity of your organisation's information have to be protected, a business still needs to have this information readily available in order to be able to function from day to day. If you are an information security practitioner, you need to be able to sell complex and often technical solutions to boards and management teams. Persuading the board to invest in information security measures requires sales skills. As an information security professional, you are a scientific and technical specialist; and yet you need to get your message across to people whose primary interests lie elsewhere, in turnover and overall performance. In other words, you need to develop sales and marketing skills. This pocket guide will help you with the essential sales skills that persuade company directors to commit money and resources to your information security initiatives. How this book can help information security professionals: Understand basic sales techniques Find out what to do to capture the attention of management and win them over Understand how to present yourself Present yourself so that management takes you seriously, and ensure your proposal receives a proper hearing. Find out how to earn management's trust This guide shows you how to persuade management that you are the kind of information security professional who is interested in supporting, rather than impeding, business success. Learn how to craft a successful proposal This guide offers you invaluable tips on how to write a proposal that will communicate your ideas effectively to senior executives. Improve your powers of persuasion with the board ... Buy this pocket guide today!

Note: Online resource; Title from title page (viewed June 24, 2010) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781849280549/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

39

Online Resource

The green agenda : a business guide (2009)

Calder, Alan [VerfasserIn] 1957-

[Erscheinungsort nicht ermittelbar] : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Parallel Title: Erscheint auch als

Keywords: Information technology ; Environmental aspects ; Business enterprises ; Environmental aspects ; Social responsibility of business ; Business ethics ; Environmental protection ; Global warming ; Electronic books ; Electronic books ; local

Abstract: Reap the rewards of a Green IT Strategy with this essential guide Climate change can be an emotive issue. This book takes a cool look at the subject and shows you what makes it relevant to your business. A big part of the answer is energy. Computers consume a lot of energy, and energy costs money. The cost of powering and cooling data servers over three years is currently 1.5 times the cost of purchasing the server hardware. Over the next two decades, global demand for energy is predicted to rise by 50%, which means that your long-term energy costs are also likely to increase. In the end, if your organisation's energy costs are high, it makes sense for you to focus on ways to reduce energy consumption. Improving the efficiency of data centre power supplies and reducing IT power requirements in the office are examples of how Green IT can yield a substantial return on investment. This business guide to Green IT was written to introduce, to a business audience, the opposing groups and the key climate change concepts, to provide an overview of a Green IT strategy and to set out a straightforward, bottom-line orientated Green IT action plan. Benefits to business of a Green IT strategy: Cut costs A Green IT strategy, including such measures as switching off PCs at night, or introducing Cloud Computing, will enable you to reduce the amount of energy that your organisation consumes and, therefore, to cut costs. Improve sales Products that can demonstrate their green credentials are more attractive to consumers. As organisations pursue more ambitious environmental objectives, they are putting their suppliers under increasing pressure to improve their own environmental record. Meanwhile, the public sector has adopted rigorous standards for Green procurement. With Green IT you can help your company to reach more customers and to win new business. Enhance your organisation's reputation The environment is an emotional issue, and environmental concerns affect the way your company is perceived by consumers. Green IT will support your company's Corporate Social Responsibility (CSR) strategy by reducing the environmental impact of your operations. The evidence suggests that the market rewards companies whose practices are environmentally responsible. Conform to regulations and standards New regulations, such as the Waste Electrical and Electronic Equipment (WEEE) Directive, aim to reduce the effects on the environment resulting from the use and disposal of I...

Note: Includes bibliographical references. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9781849281348/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

40

Online Resource

IT governance : implementing frameworks and standards for the corporate governance of IT (2009)

Calder, Alan [VerfasserIn] 1957- ; Moir, Steve [MitwirkendeR]

[Erscheinungsort nicht ermittelbar] : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Information technology ; Management ; Business enterprises ; Computer networks ; Information technology ; Evaluation ; Auditing ; Standards ; Electronic books ; Electronic books ; local

Abstract: Use an IT Governance strategy to reduce risk An Introduction for Directors and IT professionals The modern organisation is increasingly working within the context of corporate governance. The subject dictates their day-to-day and strategic activities, especially corporate information asset risk management and investment, and the ICT infrastructure within which those information assets are collected, manipulated, stored and deployed. But what is corporate governance, and why is it important to the IT professional? Why is IT governance important to the company director, and what do directors of companies - both quoted and unquoted - need to know? The Calder-Moir Framework The book also explains how to integrate each standard and framework using The Calder-Moir Framework (download for free from www.itgovernance.co.uk/calder_moir.aspx ), which was developed specifically to help organisations manage and govern their IT operations more effectively, and to coordinate the sometimes wide range of overlapping and competing frameworks and standards. It also specifically supports implementation of ISO/IEC 38500, the international standard for best practice IT governance. Practical IT Governance guidance Board executives and IT professionals can learn to maximise their use of the numerous IT management and IT governance frameworks and standards - particularly ISO/IEC 38500 - to best corporate and commercial advantage. Build an IT Governance Framework Within a 'super framework', or 'meta -framework', you can integrate each of these standards and frameworks whilst making sure that each can deliver what it was designed to do. Developing an overarching framework will enable your organisation to design IT governance to meet your own needs.

Note: Includes bibliographical references. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9781849281287/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

41

Online Resource

The Green Office : A Business Guide (2009)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (62 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: A Green office is a cost-effective office! Understand why with this handy reference guide!

Note: Online resource; Title from title page (viewed March 5, 2009) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781849280044/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

42

Online Resource

Business continuity and BS25999 : a combined glossary (2008)

Calder, Alan [VerfasserIn] 1957-

Cambridgeshire, UK : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Business planning ; Operational risk ; Emergency management ; Information technology ; Electronic books ; Electronic books ; local

Abstract: The first glossary to present the full range of terms relating to business continuity BS25999 is the formal standard for business continuity management. This invaluable pocket guide will help you to understand the language of business continuity. It contains definitions both of the key words in BS25999 and of the relevant terms found in the information security standard, ISO27001. Other definitions provided in the glossary have been taken from the earlier glossaries published by the Business Continuity Institute and the DRI (Institute for Continuity Management), from the IT service management standard, ISO20000, and from the IT Infrastructure Library (ITILv3). Created to facilitate the adoption of BS25999, the combined glossary sets out the most common business continuity terms and offers an authoritative explanation of what they mean. It will therefore enable business continuity to be discussed clearly and consistently throughout the English-speaking world. Benefits to business include: Improve communication and cooperation Business continuity management requires commitment at boardroom level, and involves many different people within a given organisation. The purpose of this glossary is to facilitate communication and thereby make it easier for IT managers, business continuity professionals and senior executives to cooperate Find a glossary that is comprehensive Just as business continuity affects many different functions within the organisation, so it also touches upon other standards besides BS25999. This glossary combines definitions of words from BS25999 with terms both from other information security standards and from the IT Infrastructure Library. As the first truly comprehensive glossary of business continuity terms, this pocket guide is the only book where you can find an explanation of all the relevant business continuity terms in one place Stay in the loop If your organisation is setting up a business continuity management plan, you have a choice. Either you get involved in the process, or the key decisions will be taken without your input. If you want to be kept in the loop on business continuity planning, this guide can help you to understand what people are talking about and how it relates to your area of responsibility Help your staff to plan for an emergency Business continuity planning is a vital imperative for those public sector organisations that are responsible for frontline services. Under the UK Civil Contingencies Act...

Note: Description based on online resource; title from title page (Safari, viewed Dec. 18, 2013)

URL: https://learning.oreilly.com/library/view/-/9781849281591/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

43

Online Resource

ISO27001 : ISO27002 (2008)

Calder, Alan [VerfasserIn] 1957-

Ely, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Keywords: Information technology ; Security measures ; Computer networks ; Security measures ; Data protection ; Risk management ; Electronic books ; Electronic books ; local

Abstract: Use ISO27001 to protect your organisation's information assets This helpful, handy ISO27001/ISO27002 pocket guide gives a useful overview of these two important information security standards. Read this pocket guide to learn about: The ISO/IEC 27000 Family of Information Security Standards Background to the Standards Certification process The ISMS and ISO27001 Overview of ISO/IEC 27001:2005 Specification vs Code of Practice Documentation Records Management Responsibility Policy Scope Risk Assessment Implementation. Confidentiality, Integrity and Availability In order to ensure the availability, confidentiality and integrity of your business information, you will need to put in place an information security management system (ISMS). ISO27001 is the international standard that offers a framework for an ISMS. If your organisation's ISMS conforms to the specification of ISO27001, you can arrange for an independent audit of the ISMS against that specification and eventually achieve certification. Why does ISO27001/27002 matter? Improve efficiency - An ISO27001 compliant ISMS will enable your organisation to move beyond the ad hoc approach to information security. An unsystematic approach to the subject tends to mean that a lot of people's time is wasted ""putting out bush fires"": fixing bugs in software and reacting to incidents as they arise. However, the structured, coherent approach of the ISMS will make your organisation less likely to be crippled by minor setbacks and will, therefore, enable it to function more effectively Protect your information assets - Information assets face a wide range of threats, ranging from criminal activity, such as fraud, to user error or system failure. Putting in place an ISMS, will enable you to improve the level of information security within your organisation Manage risk - The systematic approach to information security required under ISO27001, means your organisation needs to put in place a risk treatment plan. Once you have identified the main threats to your business information, and the most likely ways in which they could do damage to your company, you can work out how best to eliminate or reduce these risks. In addition, there are some risks you can manage by ensuring they remain at an acceptable level Prepare for the worst - Supposing that, in spite of the precautions you had taken, your company did suffer a major security breach. If something like that happened, how well prepared would your company th...

Note: Description based on online resource; title from title page (Safari, viewed August 19, 2013)

URL: https://learning.oreilly.com/library/view/-/9781849281669/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

44

Online Resource

Ten Rules of Information Security for the Smaller Business (2008)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (95 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Invaluable advice on information security in clear, accessible language! Are you making it too easy for online fraudsters to steal from your company? IT is opening up new opportunities for your business. It also offers rich pickings for the criminal. The new threat When legitimate business goes digital, organised crime cannot be far behind. So, once your business is connected to the Internet, you become vulnerable to a whole range of new threats. Hackers can break into your computer, using dictionary attacks or keystroke logging to seize the password to your email account. ; Criminals may send you emails in an attempt to trick you into downloading malicious software or to reveal your bank details. Online fraud may now be as valuable to organised crime as drug trafficking, and there are roughly 200,000 viruses, Trojans and worms circulating in cyberspace. All this means that in today's world, the bad guys are only a mouse-click away. What you can do Your business information is valuable, so it is in your interest to protect it. You also have a responsibility towards your customers. While information security breaches are costly in themselves, you also have to think about what exposing your customers to the danger of identity theft might do to your company's reputation. Sometimes these issues seem complex and bewildering. The good news is that you can take some simple steps that will help to secure your business's digital information. Common-sense precautions, like not leaving your laptop lying around in a public place, or protecting your wireless network with a firewall, make a real difference. Speaking your language If IT is not your speciality, and you are running a small business that is connected to the Internet, then this book is for you. The author steers clear of geek language, and offers you, in plain English, ten simple rules to keep you out of trouble online. The damage and losses that result from online fraud can run into thousands of pounds, so this could well be the most valuable books you ever buy! Benefits to business include: Retain customer confidence If you cannot protect your customer data, then you will leave it exposed to hackers and thieves. Breaches in your information security will not only alienate existing customers, but also scare other potential customers away. To protect the reputation of your company, you need to get up to speed on information security. Avoid fines and lawsuits If you are running a business, you ha...

Note: Online resource; Title from title page (viewed July 1, 2008) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781905356553/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

45

Online Resource

ISO/IEC 38500 : The IT Governance Standard (2008)

Calder, Alan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (49 pages)

Edition: 1st edition

Keywords: Electronic books ; local

Abstract: Understand ISO 38500: the standard for the corporate governance of IT ISO/IEC38500 is the international standard for the corporate governance of information and communication technology. The purpose of the standard is to create a framework to ensure that the Board is appropriately involved in the governance of the organisation's IT. The standard sets out guiding principles for directors on how to ensure the effective, efficient and acceptable use of IT within their company. This useful pocket guide provides an account of the scope and objectives of the standard. It outlines the standard's six core principles, sets out the three major tasks that the standard assigns to directors regarding IT, and explains the interrelationship between the two. The guide also offers advice on how to set up and implement the IT governance framework. Business benefits of ISO/IEC 38500 (ISO38500) include: Manage the organisation's investment in IT responsibly The pocket guide shows how the standard can be used to ensure that your decision making about IT investment remains clear and transparent, and that the associated risks are clearly understood. Meet compliance requirements ISO/IEC38500 requires directors to verify that their IT systems are in compliance with all applicable regulations. As this pocket guide explains, following the procedures set out in ISO/IEC38500 will help company directors both to achieve and demonstrate compliance. Improve the performance of the organisation On average, investment in IT represents more than 50 per cent of every organisation's annual capital investment. Both private and public sector organisations need to maintain a high standard of service while at the same time keeping costs low. The pocket guide looks at how following the guidance contained in ISO/IEC38500 can enable directors to retain a grip on costs and obtain better value for money from IT equipment. Introduce effective project governance This pocket guide describes how ISO/IEC38500 can help company directors to identify problems in an IT project at an early stage. In this way, the standard promotes effective management of the risks associated with major IT projects, enables the board to keep a grip on budgets and militates against project failure. Implement ISO38500, the international standard for corporate governance of IT An IT governance framework serves to close the gap between the importance of IT and the understanding of IT. For this reason, you can use an IT go...

Note: Online resource; Title from title page (viewed July 31, 2008) , Mode of access: World Wide Web.

URL: https://learning.oreilly.com/library/view/-/9781905356584/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

46

Online Resource

IT regulatory compliance in North America (2007)

Calder, Alan [VerfasserIn] 1957-

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Keywords: Information technology ; Law and legislation ; United States ; Technology and law ; United States ; Information technology ; United States ; Management ; Electronic books ; Electronic books ; local

Abstract: A clear and concise introduction to the rules for IT in North America In today's computer-driven world, every modern business depends on its information technology. This means that IT systems have to be protected and regulated. If your organization has a presence in North America, you need to be familiar with the relevant laws and standards for IT governance. IT is a key component of the US legislation relating to corporate governance and privacy. In addition, the Basel 2 Accord, the Fair Credit Reporting Act and the online banking standards of the Federal Financial Institutions Examination Council (FFIEC) all have important IT governance implications. Canada also has its own Personal Information Protection and Electronic Documents Act (PIPEDA). With such a wide range of rules and regulations, where do you begin? This pocket guide is intended as a brief, accessible survey of the major North American legislation relating to IT and information security. It provides a concise summary of the IT governance provisions currently in effect in Canada and the United States. Including advice on the requirements for preserving corporate records, the guide will help you to identify any gaps in your organization's IT compliance regime. Benefits to business include: Avoid breaches of criminal or civil law The pocket guide covers the key IT compliance issues for organizations operating in North America Find out about the IT Governance requirements of Sarbanes-Oxley The Sarbanes-Oxley Act of 2002 (SOX) was passed in response to the Enron scandal. Compliance with Sarbanes-Oxley is mandatory and failure to comply can result in significant penalties for individual directors. Tis pocket guide explains the internal controls over your IT systems that SOX requires you to maintain Understand the requirements of GLBA The Gramm-Leach-Bliley Act or Financial Services Modernisation Act covers all US-regulated financial services corporations. The pocket guide outlines the information security requirements of the Act and looks at how they are enforced Learn about Safe Harbor compliance Under the Safe Harbor framework, US corporations that have operations in the EU are permitted to receive European data. The pocket guide outlines the advantages for an American company of Safe Harbor compliance This pocket guide covers essential North American IT- and information-related regulation, including: Corporate governance, particularly Sarbanes-Oxley Basel2 Breach Notification laws O...

Note: Publication information taken from resource description page (Safari, viewed August 16, 2013). - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281201/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

47

Online Resource

IT governance : a pocket guide (2007)

Calder, Alan [VerfasserIn] 1957-

Ely, Cambridgeshire, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Information technology ; Management ; Electronic books ; Electronic books ; local

Abstract: An Introduction to IT Governance If you are unsure what IT governance is, or how it is relevant to your business, this pocket guide is for you. It outlines the key drivers for IT governance in the modern global economy, with particular reference to corporate governance requirements and the need for companies to protect their information assets. IT Governance for "Non-geeks" The guide examines the role of IT governance in the management of strategic and operational risk. It also looks at the most important considerations when setting up an IT governance framework, and introduces you to the Calder-Moir IT Governance Framework that the author helped to create. The approach throughout is resolutely non-geek, avoiding technical jargon and with the emphasis on business opportunities and needs. Find out about something that matters for your organisation's survival If you want your business to succeed, you have to make effective use of information technology. Otherwise you will be outpaced by your competitors. This pocket guide is about how to create a framework to ensure that your organisation's IT will support its overall objectives. Understand a crucial aspect of corporate governance Companies are regulated in order to protect the interests of shareholders from fraudulent or reckless activity on the part of the directors. For US-listed companies, compliance with the Sarbanes-Oxley Act (SOX) of 2002 is mandatory. The requirements of SOX and the UK's Combined Code can only be met if you have an effective IT governance framework already in place. Understand a crucial aspect of risk management Those running a company have a responsibility to manage risk. An IT governance framework will help you to stop hackers, fight cybercrime and minimise the disruption to your operations in the event of an accident. Cut costs and boost profits While businesses often need to spend money on upgrades to their computer systems and software, this issue has many pitfalls. This pocket guide shows how IT governance can help you to make better investment decisions. An IT governance framework also enhances your overall competitiveness and thus increases profitability.

Note: Includes bibliographical references. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9781849281171/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

48

Online Resource

IT regulatory compliance in the UK (2007)

Calder, Alan [VerfasserIn] 1957-

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.)

Keywords: Information technology ; Law and legislation ; Great Britain ; Technology and law ; Great Britain ; Information technology ; Great Britain ; Management ; Electronic books ; Electronic books ; local

Abstract: In today's computer-driven world, every modern business depends on its information technology. This means that IT systems have to be protected and regulated. If you run a company that is based in or has a presence in Britain, you need to be familiar with the UK laws and standards that relate to IT governance. This pocket guide provides you with a concise and accessible guide to the relevant UK legislation, including the Data Protection Act 1998, the Freedom of Information Act 2000 and the Regulation of Investigatory Powers Act 2000. It explains the importance of keeping and preserving records, and outlines the type of records your organisation is obliged to retain. IT compliance represents a key challenge for information professionals. By offering you a bird's eye view of the IT compliance landscape, this pocket guide makes that challenge easier to overcome. Benefits to business include: Avoid breaches of criminal or civil law This pocket guide covers the key IT compliance issues for organisations operating in the UK. Find out what is required of IT systems under the Combined Code The pocket guide summarises the requirements of the UK's corporate governance regime in relation to information risk, referring both to the Combined Code and to the Turnbull Guidance. Learn about the UK's distance selling regulations This pocket guide discusses the Privacy and Electronic Communications Regulations 2003. These regulations cover unsolicited direct marketing activity by e-mail. The pocket guide also looks at distance selling regulations such as the Electronic Commerce Regulations (2002). Understand the requirements of copyright law The pocket guide explains the implications of the Copyright Designs and Patents Act 1988 for your use of computer software, with particular reference to user licences. The guide also looks at how you can use steganography (digital watermarking) to protect your ownership of digital information. This pocket guide includes coverage of key UK IT and information-related regulation, such as: FSA Regulations Basel2 MiFID Data Protection Act 1998 Privacy and Electronic Communications Regulations 2003 Freedom of Information Act 2000 Computer Misuse Act 1990 (as updated in 2006) Copyright, Designs and Patents Act 1998 Electronic Communications Act 2000 Regulation of Investigatory Powers Act 2000 Human Rights Act 2000 Disability Discrimination Act 1995 Safeguarding of organizational resources Make sure your IT systems comply with the r...

Note: Publication information taken from resource description page (Safari, viewed August 19, 2013). - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281676/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

49

Online Resource

Risk assessment for asset owners : a pocket guide (2007)

Calder, Alan [VerfasserIn] 1957- ; Watkins, Steve G [MitwirkendeR]

[Ely, UK?] : IT Governance

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Series Statement: Pocket guides: practical information security

Keywords: Data protection ; Evaluation ; Data protection ; Standards ; Risk management ; Electronic books ; Electronic books ; local

Abstract: Understand ISO 38500: the standard for the corporate governance of IT ISO/IEC38500 is the international standard for the corporate governance of information and communication technology. The purpose of the standard is to create a framework to ensure that the Board is appropriately involved in the governance of the organisation's IT. The standard sets out guiding principles for directors on how to ensure the effective, efficient and acceptable use of IT within their company. This useful pocket guide provides an account of the scope and objectives of the standard. It outlines the standard's six core principles, sets out the three major tasks that the standard assigns to directors regarding IT, and explains the interrelationship between the two. The guide also offers advice on how to set up and implement the IT governance framework. Business benefits of ISO/IEC 38500 (ISO38500) include: Manage the organisation's investment in IT responsibly The pocket guide shows how the standard can be used to ensure that your decision making about IT investment remains clear and transparent, and that the associated risks are clearly understood. Meet compliance requirements ISO/IEC38500 requires directors to verify that their IT systems are in compliance with all applicable regulations. As this pocket guide explains, following the procedures set out in ISO/IEC38500 will help company directors both to achieve and demonstrate compliance. Improve the performance of the organisation On average, investment in IT represents more than 50 per cent of every organisation's annual capital investment. Both private and public sector organisations need to maintain a high standard of service while at the same time keeping costs low. The pocket guide looks at how following the guidance contained in ISO/IEC38500 can enable directors to retain a grip on costs and obtain better value for money from IT equipment. Introduce effective project governance This pocket guide describes how ISO/IEC38500 can help company directors to identify problems in an IT project at an early stage. In this way, the standard promotes effective management of the risks associated with major IT projects, enables the board to keep a grip on budgets and militates against project failure. Implement ISO38500, the international standard for corporate governance of IT An IT governance framework serves to close the gap between the importance of IT and the understanding of IT. For this reason, you can use an IT go...

Note: Publication information taken from resource description page (Safari, viewed August 19, 2013). - Includes bibliographical references. - Description based on online resource; title from cover

URL: https://learning.oreilly.com/library/view/-/9781849281232/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

50

Online Resource

IT governance : guidelines for directors (2005)

Calder, Alan [VerfasserIn] 1957-

[Erscheinungsort nicht ermittelbar] : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Information technology ; Management ; Business enterprises ; Computer networks ; Security measures ; Computer security ; Electronic books ; Electronic books ; local

Abstract: A director's guide to IT governance This book is an essential read for those sitting on the board of any organisation that wants to secure its information, its intellectual property and its competitive advantage. Written for a non-technical, commercially-minded audience, this book offers a comprehensive introduction to the critical subject of IT governance. Why is IT governance important? Your business will stand or fall on the quality of its IT governance. Information technology can enable you to improve your operations and cut costs. And by changing the way you deal with your customers, IT may even have the potential to transform your entire business. However, IT involves an element of risk. For the sake of your bottom line, these risks are something your company needs to be capable of managing. IT governance and the board IT governance generally enjoys less board understanding and commitment than corporate governance. However, the reality is that the IT function is vital to the running of your business and so IT governance too requires leadership from the top. Information security breaches have the potential to alienate your customers and to damage your company's reputation. The consequences of cyber crime could cripple your business with heavy financial losses. Failure to comply with the information security requirements of corporate governance codes may even cause your company to be denied a presence in entire countries. The road to information security goes through corporate governance. This means that information security has to be a specific board-agenda item, and a priority at CEO level. IT governance and intellectual property While you can easily judge how much a factory is worth, some of your company's most important assets may be the intangible ones. The real worth of your company is a matter of its intellectual capital - such as patents, designs and databases - as well as the sites and machinery in its possession. This kind of information is held on computer systems. So your company needs to be as serious about protecting its digital information from industrial espionage and cybercrime as it is about protecting its warehouses from robbery and arson. IT governance as a business enabler Having an effective IT governance framework in place will help you to safeguard your company against an information security breach. At the same time, your IT governance framework can open doors for your business. By ensuring that your IT systems are...

Note: Includes bibliographical references. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9781849281058/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

51

Online Resource

Nine steps to success : an ISO 27001 implementation overview (2005)

Calder, Alan [VerfasserIn] 1957-

Ely, U.K. : IT Governance Pub.

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (115 p.)

Keywords: Business enterprises ; Computer networks ; Security measures ; Computer security ; Management ; Standards ; Data protection ; Management ; Standards ; Electronic books ; local

Abstract: This is the ideal guide for anyone tackling - or about to tackle - ISO27001 for the first time.

Note: Includes bibliographical references

URL: https://learning.oreilly.com/library/view/-/9781905356126/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.