PCI Training Programme – Now Updated to PCI DSS v3.0

On the 7th November, the Payment Card Industry Security Standards Council (PCI SCC) published version 3.0 of the PCI Data Security Standard. For the seasoned IS veterans out there, you may have noticed that on first inspection, there appears to be little difference between the v2.0 version and the new new improved PCI DSS v3.0. We […]

COBIT 5 Implementation Training – The First in the UK

COBIT 5 was published in 2012 and has rapidly become the IT governance best practice of choice for larger international companies. In addition to US listed companies (and UK companies with US listing) who need to be SOX compliant, companies in the UK are turning to COBIT 5 to address the requirements of the UK Combined Code […]

Current and Future Needs for ISO27001 Training

Not surprisingly for a company so focussed on ISO27001, we have received many calls from our customers about their  training requirements for the new ISO27001:2013 standard. Given that the new version of  the standard completely replaces the old ISO27001:2005 version, surely the answer is obvious! But: While ISO27001:2005 has been replaced by the new version, […]

ITIL Foundation (2 Day) Training – The View from Essex Univeristy

We have been delivering In-House Training services to our customers for a number of years. Reducing the time away from the office, they offer a cost-effective solution to training an entire team and offer delegates the chance to gain an industry recognised qualification. This is particularly true for a service management team, many of whom who will be responsible for essential support activities on an IT helpdesk but […]

Cyber security – it’s something our IT boffins take care of, isn’t it?

Is this something your board members might say? If it is, you’re not alone. Our recent Boardroom Cyber Watch Survey highlighted that despite cyber-threats potentially impacting on many mission-critical aspects of a business, only 30% of respondents felt that an understanding of current IT security threats is a prerequisite for board-level job candidates. Perhaps the […]

Life after CISM and CGEIT

As you enjoy the continuing summer heat wave, spare a thought for the dedicated professionals spending this summer revising for the ISACA CISM or CISA exams taking place in September. If you are one of these dedicated souls, then rest assured that if you pass your exam, the hard work WILL be worth it. If you […]

Addressing the cyber security skills gap

Earlier this year, the National Audit Office (NAO) identified the ‘current and future ICT and cyber security skills gap’ as one of six barriers the Government must overcome to successfully deliver its cyber security strategy. As more and more businesses start to tackle the rising cyber security threat, how can we start to bridge this […]

ISO22301 professional certifications – great for career continuity planning

ISO22301, the new kid on the business continuity block, replaced BS 25999 in 2012 as the definitive standard for business continuity. As organisations begin to realise the wider business benefits that ISO22301 compliance brings, gaining a professional certification in this area certainly bodes well for career continuity. As Tony Drewitt, Risk Consultant at IT Governance and […]

Is it time to consider ISO22301 and business continuity planning?

Picture the scene. You arrive at work in one of the largest blood manufacturing centres in the world. Prolonged rainfall has flooded the centre and it has to be closed. Your service supplies patients throughout the NHS and this closure has potentially life threatening implications. What do you do? A). Hit the panic button. B). […]

ISO 20000 – a new career opportunity for auditors

Auditors with a keen eye for new areas of specialism may be interested in the rising interest in ISO 20000, the international standard for IT Service Management. Figures from APMG show that whilst Japan, India and the USA are leading the way with the highest number of ISO 20000 certified organisations, the UK isn’t too […]