Last month we launched five new toolkits – all of which help organisations to implement specific frameworks or standards. I want to talk to you about two of these toolkits as I think they will be of particular interest to your organisation:
During March and April we published lots of new books and toolkits. I want to take this opportunity to bring two of these books, which were our two best-selling books at the Info Security Europe show, to your attention:
Special discount for the International Secure Systems Development Conference
When your organisation can no longer meet its deadlines, or provide customers with the high quality of service they expect, you have a problem. Unplanned absence also has a bad effect on morale, putting the rest of the team under pressure as they struggle to deal with the additional workload. Unplanned absence can occur as a result of force majeure (for example, when an airline is hit by strike action), or because of poor employee motivation and commitment.
Control Objectives for Information and Related Technology (CobiT) is an IT governance control framework that helps organisations meet today’s business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals.
The three-day Implementing ISO20000 Training Course prepares the IT practitioner (or ISO20000 project manager) to implement ISO/IEC 20000 in an organisation. It covers the interpretation and application of the ISO/IEC 20000 Standard, has a wider scope than the Certificated Auditor training course and is therefore ideal for all IT(SM) consultants who wish to assist organisations in preparing for audit/certification to ISO20000.
ISO27001 Certificated Internal Auditor training provides an excellent career progression and skills development opportunity for information security staff and internal auditors.
This two-day certificated training course prepares the internal auditor to effectively audit compliance with the information security standard ISO27001 and against the controls contained in ISO27002 (ISO17799). Certificates of attendance are awarded to all delegates and this course qualifies for 16 CPE credits, or 16 hours for all professional Continuous Professional Education programs.
There has been a huge uptake in USA-based organizations adopting the PRINCE2™ methodology for their projects. The latest updates to the method were made in 2009 and all the core publications were re-launched reflecting the improvements.
Social media is, for many organisations, a critical part of how they speak to customers, partners and stakeholders; for others, it is a dangerous distraction.
Dealing effectively with social media requires a joined-up approach that is aligned with the objectives and risk appetite of the business – a governance approach.
In a speech at the Infosec security conference last week, the deputy Information Commissioner, David Smith, said that the NHS reported the highest number of serious data breaches of any UK organisation since the end of 2007.
The NHS – the UK’s largest employer with 1.7m staff – reported 287 breaches in the period, accounting for more than 30% of the total number of reported breaches. Most of the breaches (113) were the result of stolen data or hardware, followed by 82 cases of lost data or hardware.