Effective COBIT 5 implementation requires in-house training


COBIT 5®, published by ISACA, defines a comprehensive best-practice framework for the governance and management of enterprise IT. When correctly implemented, it allows the evaluation and control of information technology, so that it constantly contributes to both operational and business objectives. The COBIT 5 framework is generally used by larger organisations, and the successful implementation […]

Why aren’t all UK companies using privacy impact assessments?

It has been a long year since the UK Information Commissioner's Office (ICO) released its updated report, Conducting privacy impact assessments code of practice, in February 2014. Privacy impact assessments (PIAs) are at the heart of taking a ‘privacy by design’ approach and allow organisations to find and fix problems at an early stage, reducing […]

Why have CompTIA qualifications become so important?

Just like producing a fine wine, it can take a long time for an IT qualification to become recognised and valued by individuals and employers. This is not a bad thing, as the IT industry has historically been littered with ‘print your own certificate’ schemes that are not worth the paper they are written on. […]

New CISSP exam due for 15 April 2015

(ISC)2 has announced a refresh of the CISSP Common Body of Knowledge (CBK) that will be effective from 15 April this year. Last updated in 2012, CISSP remains the gold standard qualification for developing a senior career in information security. The announced changes are part of the (ISC)2 commitment to ensure that the certification stays […]

What is CompTIA CASP and why is it important to your career?


IT Governance Ltd has this week announced the launch of its new CompTIA Advanced Security Practitioner (CASP) training course. Designed to complement our Professional Certifications portfolio, the CASP course is a five-day classroom session that delivers the practical knowledge required to understand and implement effective information security controls in complex enterprise organisations. It also provides […]

Guidance on an effective PCI DSS staff awareness programme


Staff awareness training is fundamental for effective information security management and for meeting regulatory and compliance requirements. In order for an organisation to comply with PCI DSS v3.0, Requirement 12.6, a formal security awareness programme must be implemented. The PCI Security Standards Council (PCI SSC) has recently released its Information Supplement: Best Practices for Implementing […]

Always judge a training company by its schedule

At this time of year, most successful training companies take the opportunity to release their schedule of public training courses for the following year. With course names, locations and dates confirmed, a schedule should provide a clear statement of both the availability and ‘business intent’ of any training provider. With the release of its public […]

ISO27001 Lead Auditor – The most popular ISO27001 qualification worldwide?


As a leader in the supply of ISO27001 services, we have been delivering our ISO27001 Foundation, Lead Implementer and Lead Auditor training courses since the launch of the Standard in 2005. Over the subsequent years, the ISO27001 standard has become the global information security management system (ISMS) of choice, and we have enjoyed welcoming nearly […]

What is the difference between an ISO27001 Internal Auditor and a Lead Auditor?


In a week when we were pleased to announce that our ISO27001 Internal Auditor training course has been accredited by the International Board for IT Governance Qualifications (IBITGQ), I want to take the opportunity to explain the difference between an ISO27001 Internal Auditor and an ISO27001 Lead Auditor. In Clause 9.2 of the ISO27001:2013 standard, […]

Transform your career – win a package of five IBITGQ training courses


Competitions come and go in our marketing plans, but rarely do we have the chance to potentially change the life and career of any one individual. To celebrate the third anniversary of our partnership with the International Board for IT Governance Qualifications (IBITGQ), I am pleased to announce that all of our customers who spend £1000 […]