In an age of globalization, widely distributed systems, and rapidly advancing technological change, IT professionals and their managers must understand that risk is ever present. The key to project success is to identify risk and subsequently deal with it. The CIO’s Guide to Risk addresses the many faces of risk, whether it be in systems development, adoption of bleeding edge tech, the push for innovation, and even the march toward all things social media. Risk management planning, risk identification, qualitative and quantitative risk analysis, contingency planning, and risk monitoring and control are all addressed on a macro as well as micro level. The book begins with a big-picture view of analyzing technology trends to evaluate risk. It shows how to conceptualize trends, analyze their effect on infrastructure, develop metrics to measure success, and assess risk in adapting new technology. The book takes an in-depth look at project-related risks. It explains the fundamentals of project management and how project management relates to systems development and technology implementation. Techniques for analyzing project risk include brainstorming, the Delphi technique, assumption analysis, and decision analysis. Metrics to track and control project risks include the Balance Scorecard, project monitoring and reporting, and business and technology metrics. The book also takes an in-depth look at the role of knowledge management and innovation management in identifying, assessing, and managing risk. The book concludes with an executive’s guide to the legal and privacy issues related to risk management, as well overviews of risks associated with social media and mobile environments. With its checklists, templates, and worksheets, the book is an indispensable reference on risk and information technology.

CIO Survival Guide is a leadership manual for the emerging role of the Chief Information Officer. This book supports and guides CIOs in acquiring or enhancing their technical skills and leadership competencies to be a full and respected member of the Executive Team. It includes exposition and practice of the skills and competencies required to be a successful CIO.

The growing complexity of today's interconnected systems has not only increased the need for improved information security, but also helped to move information from the IT backroom to the executive boardroom as a strategic asset. And, just like the tip of an iceberg is all you see until you run into it, the risks to your information are mostly invi

The ability to write well correlates highly with the ability to think well—to analyze information, weigh alternatives, and make decisions. Government managers must make instructions and policies clear to employees, give effective presentations, and communicate effectively with the public. In addition, government managers must model clear, effective writing for their staffs. A comprehensive chapter on using social media effectively and appropriately is included.

With each new advance in connectivity and convenience comes a new wave of threats to privacy and security capable of destroying a company's reputation, violating a consumer's privacy, compromising intellectual property, and in some cases endangering personal safety. This is why it is essential for information security professionals to stay up to da

Cloud computing is at the vanguard of the Metaverse-driven digital transformation. As a result, the cloud is ubiquitous; emerging as a mandate for organizations spanning size, sectors, and geographies. Cloud Governance: Basics and Practice brings to life the diverse range of opportunities and risks associated with governing the adoption and enterprise-wide use of the cloud. Corporate governance is uniquely disrupted by the cloud; exacerbating existing risks, and creating new and unexpected operational, cybersecurity, and regulatory risks. The cloud further extends the enterprise’s reliance on cloud service providers (CSPs), fueling an urgent need for agile and resilient business and IT strategies, governance, enterprise risk management (ERM), and new skills. This book discusses how the cloud is uniquely stressing corporate governance. Cloud Governance is a user-friendly practical reference guide with chapter-based self-assessment questions. The chapters in this book are interconnected and centered in a cloud governance ecosystem. This book will guide teachers, students and professionals as well as operational and risk managers, auditors, consultants and boards of directors.

This book constitutes the refereed proceedings of the 25th International Conference on Advanced Information Systems Engineering, CAiSE 2013, held in Valencia, Spain, in June 2013. The 44 revised full papers were carefully reviewed and selected from 162 submissions. The contributions have been grouped into the following topical sections: services; awareness; business process execution; products; business process modelling; modelling languages and meta models; requirements engineering 1; enterprise architecture; information systems evolution; mining and predicting; data warehouses and business intelligence; requirements engineering 2; knowledge and know-how; information systems quality; and human factors.

The Official (ISC)2® Guide to the CISSP®-ISSEP® CBK® provides an inclusive analysis of all of the topics covered on the newly created CISSP-ISSEP Common Body of Knowledge. The first fully comprehensive guide to the CISSP-ISSEP CBK, this book promotes understanding of the four ISSEP domains: Information Systems Security Engineering (ISSE); Certification and Accreditation; Technical Management; and an Introduction to United States Government Information Assurance Regulations. This volume explains ISSE by comparing it to a traditional Systems Engineering model, enabling you to see the correlation of how security fits into the design and development process for information systems. It also details key points of more than 50 U.S. government policies and procedures that need to be understood in order to understand the CBK and protect U.S. government information. About the Author Susan Hansche, CISSP-ISSEP is the training director for information assurance at Nortel PEC Solutions in Fairfax, Virginia. She has more than 15 years of experience in the field and since 1998 has served as the contractor program manager of the information assurance training program for the U.S. Department of State.