RESILIA™ – the cyber resilience best practice of the future?

Given the relatively low-key launch of RESILIA in June, it would be easy to dismiss this new cyber resilience best practice as just another one of those schemes or standards that you look at next year (or maybe never)! Published by AXELOS, RESILIA is a best-practice framework designed to build cyber resilience skills and knowledge […]

Why CISA remains essential to senior careers in IT

In-house training

With the growth of CISM and CISSP as the pre-eminent qualifications for securing senior positions in information security, many of our training delegates ask, ‘Where does CISA fit into my career plan?’ Or, indeed, ‘Is CISA just for IT auditors?’ Introduced in 1978, Certified Information Systems Auditor (CISA) is the ‘granddaddy’ of the ISACA range […]

Tech Partnership Training Fund – save £500 on the cost of UK cyber security training

TP logo

I am pleased to announce that IT Governance’s cyber security training courses now qualify for up to £500 of funding from the Tech Partnership Training Fund. This scheme provides direct grants to employers in order to stimulate increased investment in IT training that further promotes business growth and competitiveness in the UK. Supported by the […]

CISSP CBK 2015: what are the big changes?


On 15 April this year, (ISC)2 updated the Official CISSP CBK to reflect the significant changes in both the technical and management aspects of the information security landscape since the release of the previous edition in 2012.  The CISSP examination also changed on this date, so everyone preparing to take the exam should be aware […]

Leaving the MOD and fancy a job in information security management?


It has long been recognised that MOD personnel make excellent candidates for information security jobs when they leave the forces. With many years of training and practical experience in IT, signals, communications and intelligence, service leavers can expect to find a buoyant information security job market waiting for them. There is currently an unprecedented demand […]

Why is CGEIT the elite IT governance qualification?


Launched in 2007, the ISACA Certified in the Governance of Enterprise IT (CGEIT) certificate has become the premier qualification for those responsible for directing and managing the governance of IT in a large organisation. ISACA has confirmed that there are over 6,000 CGEIT professionals worldwide, with 77% holding senior positions as IT directors, audit directors, […]

Free guide to writing an information system audit report


Auditing and the production of clear audit reports are crucial activities in ensuring the effective management of information systems. They are also mandatory requirements for the implementation of IT best practices and standards that include ITIL®, PRINCE2®, COBIT® 5, PCI DSS and ISO27001. ISACA® recently published Information Systems Auditing: Tools and Techniques, which provides a […]

Effective COBIT 5 implementation requires in-house training


COBIT 5® published by ISACA, defines a comprehensive best-practice framework for the governance and management of enterprise IT. When correctly implemented, it allows the evaluation and control of information technology, so that it constantly contributes to both operational and business objectives. The COBIT 5 framework is generally used by larger organisations, and the successful implementation […]

Why aren’t all UK companies using privacy impact assessments?

Computer security

It has been a long year since the UK Information Commissioners Office (ICO) released its updated report, Conducting privacy impact assessments code of practice, in February 2014. Privacy impact assessments (PIAs) are at the heart of taking a ‘privacy by design’ approach and allow organisations to find and fix problems at an early stage, reducing […]