Create strong IT governance processes In the current business climate where a tremendous amount of importance is being given to governance, risk, and compliance (GRC), the concept of IT governance is becoming an increasingly strong component. Executive's Guide to IT Governance explains IT governance, why it is important to general, financial, and IT managers, along with tips for creating a strong governance, risk, and compliance IT systems process. Written by Robert Moeller, an authority in auditing and IT governance Practical, no-nonsense framework for identifying, planning, delivering, and supporting IT services to your business Helps you identify current strengths and weaknesses of your enterprise IT governance processes Explores how to introduce effective IT governance principles with other enterprise GRC initiatives Other titles by Robert Moeller: IT Audit, Control, and Security and Brink's Modern Internal Auditing: A Common Body of Knowledge There is strong pressure on corporations to have a good understanding of their IT systems and the controls that need to be in place to avoid such things as fraud and security violations. Executive's Guide to IT Governance gives you the tools you need to improve systems processes through IT service management, COBIT, and ITIL.

This book is a revised edition of the best selling title Implementing IT Governance (ISBN 978 90 8753 119 5).For trainers free additional material of this book is available. This can be found under the "Training Material" tab. Log in with your trainer account to access the material. In all enterprises around the world, the issues, opportunities and challenges of aligning IT more closely with the organization and effectively governing an organization s IT investments, resources, major initiatives and superior uninterrupted service is becoming a major concern of the Board and executive management. An integrated and comprehensive approach to the alignment, planning, execution and governance of IT and its resources has become critical to more effectively align, integrate, invest, measure, deploy, service and sustain the strategic and tactical direction and value proposition of IT in support of organizations. Much has been written and documented about the individual components of IT Governance such as strategic planning, demand management, program and project management, IT service management, strategic sourcing and outsourcing, performance management, metrics, compliance and others. Much less has been written about a comprehensive and integrated approach for IT/Business Alignment, Planning, Execution and Governance. This title fills that need in the marketplace and offers readers structured and practical solutions using the best of the best practices available today. The book is divided into two parts, which cover the three critical pillars necessary to develop, execute and sustain a robust and effective IT governance environment:- Leadership, people, organization and strategy,- IT governance, its major component processes and enabling technologies. Each of the chapters also covers one or more of the following action oriented topics:- the why and what of IT: strategic planning, portfolio investment management, decision authority, etc.;- the how of IT: Program/Project Management, IT Service Management (including ITIL); Strategic Sourcing and outsourcing; performance, risk and contingency management (including COBIT, the Balanced Scorecard etc.) and leadership, team management and professional competences.

A Guide to Effective Internal Management System Audits provides a model for the management and implementation of internal audits that moves beyond simple compliance to ISO requirements and turns the internal audit into a transformational tool that the organization can use to assist with the management of risk, and implement improvements to management systems.

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the C

Pink Elephant is the world leader in IT management best practices, offering solutions to public and private businesses worldwide, many of them listed in the Fortune 500. The Company specializes in improving the quality of IT services through the application of recognized frameworks, including the IT Infrastructure Library (ITIL®).

The issues, opportunities and challenges of aligning information technology more closely with an organization and effectively governing an organization s Information Technology (IT) investments, resources, major initiatives and superior uninterrupted service is becoming a major concern of the Board and executive management in enterprises on a global basis. An integrated and comprehensive approach to the alignment, planning, execution and governance of IT and its resources has become critical to more effectively align, integrate, invest, measure, deploy, service and sustain the strategic and tactical direction and value proposition of IT in support of organizations. Much has been written and documented about the individual components of IT Governance such as strategic planning, demand (portfolio investment) management, program and project management, IT service management and delivery, strategic sourcing and outsourcing, performance management and metrics, like the balanced scorecard, compliance and others. Much less has been written about a comprehensive and integrated IT/Business Alignment, Planning, Execution and Governance approach. This new title fills that need in the marketplace and gives readers a structured and practical solutions using the best of the best principles available today. The book is divided into nine chapters, which cover the three critical pillars necessary to develop, execute and sustain a robust and effective IT governance environment - leadership and proactive people and change agents, flexible and scalable processes and enabling technology. Each of the chapters also covers one or more of the following action oriented topics: demand management and alignment (the why and what of IT strategic planning, portfolio investment management, decision authority, etc.); execution management (includes the how - Program/Project Management, IT Service Management with IT Infrastructure Library (ITIL) and Strategic Sourcing and outsourcing); performance, risk and contingency management (e.g. includes COBIT, the balanced scorecard and other metrics and controls); and leadership, teams and people skills.

IT governance seems to be one of the best strategies to optimize IT assets in an economic context dominated by information, innovation, and the race for performance. The multiplication of internal and external data and increased digital management, collaboration, and sharing platforms exposes organizations to ever-growing risks. Understanding the threats, assessing the risks, adapting the organization, selecting and implementing the appropriate controls, and implementing a management system are the activities required to establish proactive security governance that will provide management and customers the assurance of an effective mechanism to manage risks. IT Governance and Information Security: Guides, Standards, and Frameworks is a fundamental resource to discover IT governance and information security. This book focuses on the guides, standards, and maturity frameworks for adopting an efficient IT governance and information security strategy in the organization. It describes numerous case studies from an international perspective and brings together industry standards and research from scientific databases. In this way, this book clearly illustrates the issues, problems, and trends related to the topic while promoting the international perspectives of readers. This book offers comprehensive coverage of the essential topics, including: IT governance guides and practices; IT service management as a key pillar for IT governance; Cloud computing as a key pillar for Agile IT governance; Information security governance and maturity frameworks. In this new book, the authors share their experience to help you navigate today’s dangerous information security terrain and take proactive steps to measure your company’s IT governance and information security maturity and prepare your organization to survive, thrive, and keep your data safe. It aspires to provide a relevant reference for executive managers, CISOs, cybersecurity professionals, engineers, and researchers interested in exploring and implementing efficient IT governance and information security strategies.

A practical, relevant manual to IT governance This book is essential if you're serious about making you IT governance practices add value. It reviews the strengths and weaknesses of the leading frameworks - including COSO, CoBIT, ITIL, ISO15000, ISO17799, AS8015 and GAISP - in the context of competitiveness, corporate governance demands and regulatory requirements. Aimed squarely at IT governance practitioners (including board members, owners, directors, partners, senior executives, IT managers, governance practioners, professional advisers, project managers, process owners, and intelligent people in public and private sector organisations everywhere) - IT Governance Today is a comprehensive snapshot of IT governance in the corporate world today. An integrated IT governance model IT governance is a board-led management framework - not a software 'solution' or a single, proprietary framework - for making IT an integrated, value-adding part of the business. IT Governance Today: A Practitione'rs Handbook proposes an integrated IT governance model that pulls together the key components of these frameworks into a single integrated model that overcomes the limitations of each, and creates a comprehensive tool that is truly capable of generating long-term business value. An overview of modern IT governance The book contains a substantial chapter on the role of the Chief Information Office (CIO), and an optimum management structure (including Chief Knowledge Office (CKO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO), etc.) for the IT department that brings together all the key roles and responsibilities. Additional topics covered by this book include: IT Balanced Scorecard the Baldridge criteria capability maturity models (including CMMI and OPM3) the Zachman Framework for enterprise architecture project governance (including portfolio management, OPM3 and agile project management methodologies) operational risk and risk management frameworks such as Basel2 and the Treadway Commission's ERM financial concepts in the IT environment such as ROI and TCO IT performance optimisation IT audit Read this eBook today to get a grip on the concepts of IT governance.

Faced with constant and fast-evolving threats to information security and with a growing exposure to cyber risk, managers at all levels and in organizations of all sizes need a robust IT governance system. Now in its sixth edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems and protect themselves against cyber threats. This version has been fully updated to take account of current cyber security and advanced persistent threats and reflects the latest regulatory and technical developments, including the 2013 updates to ISO 27001/ISO 27002. Changes for this edition include: updates in line with the revised ISO 27001 standard and accompanying ISO 27002 code of practice for information security controls; full coverage of changes to data-related regulations in different jurisdictions and advice on compliance; guidance on the options for continual improvement models and control frameworks made possible by the new standard; new developments in cyber risk and mitigation practices; guidance on the new information security risk assessment process and treatment requirements. Including coverage of key international markets, IT Governance is the definitive guide to implementing an effective information security management and governance system.