Title:
IT governance : a manager's guide to data security and ISO 27001/ISO 27002
Author:
Calder, Alan, 1957-
ISBN:
9780749452711
Edition:
4th ed.
Publication Information:
London ; Philadelphia : Kogan Page Limited, 2008.
Physical Description:
x, 372 p. ; 24 cm.
Contents:
1. Why is information security necessary? -- 2. The Combined Code, the Turnbull Report and Sarbanes-Oxley -- 3. ISO27001 -- 4. Organizing information security -- 5. Information security policy and scope -- 6. The risk assessment and statement of applicability -- 7. External parties -- 8. Asset management -- 9. Human resources security -- 10. Physical and environmental security -- 11. Equipment security -- 12. Communications and operations management -- 13. Controls against malicious software (malware) and back-ups -- 14. Network security management and media handling -- 15. Exchanges of information -- 16. Electronic commerce services -- 17. E-mail and internet use -- 18. Access control -- 19. Network access control -- 20. Operating system access control -- 21. Application access control and teleworking -- 22. Systems acquisition, development and maintenance -- 23. Cryptographic controls -- 24. Security in development and support processes -- 25. Monitoring and information security incident management -- 26. Business continuity management -- 27. Compliance -- 28. The ISO27001 audit -- Appendix 1. Useful websites -- Appendix 2. Further reading.
Abstract:
"The development of IT governance - which recognizes the convergence between business practice and IT management - makes it essential for managers at all levels and in organizations of all sizes to understand how best to deal with information security risks." "This new edition of a unique handbook is fully updated with the latest regulatory and technological developments. Containing the latest revisions to ISO 27001 and ISO 27002, it guides business managers through the issues involved in achieving ISO certification in Information Security Management and covers all aspects of data security."--BOOK JACKET.