- Table View
- List View
IT Governance
by Alan Calder Steve WatkinsFaced with constant and fast-evolving threats to information security and with a growing exposure to cyber risk, managers at all levels and in organizations of all sizes need a robust IT governance system. Now in its sixth edition, the bestselling IT Governance provides best-practice guidance for companies looking to protect and enhance their information security management systems and protect themselves against cyber threats. IT Governance has been fully updated to take account of current cyber security and advanced persistent threats and reflects the latest regulatory and technical developments, including the 2013 updates to ISO27001/ISO27002. Changes for this edition include: Full updates throughout in line with the revised ISO27001 standard and accompanying ISO27002 code of practice for information security controls Full coverage of changes to data-related regulations in different jurisdictions and advice on compliance Guidance on the options for continual improvement models and control frameworks made possible by the new standard New developments in cyber risk and mitigation practices The latest technological developments that affect IT governance and security Guidance on the new information security risk assessment process and treatment requirements Including coverage of key international markets including the UK, North America, the EU and Asia Pacific, IT Governance is the definitive guide to implementing an effective information security management and governance system.
IT Governance Bibliography
by Safari Content TeamIT Governance is the control of organizational structures through effective leadership and the hands-on management of organizational policies, processes, and structures that impact information, information-related assets and technology. Fundamentally, IT governance provides guidance to ensure that an information technology organization is performing successfully and that policies, processes and other organizational structures are in place so that essential organizational strategies and objectives are achieved. Organizations with excellent IT governance enjoy improved coordination, communication and alignment of goals throughout the entire enterprise. With effective IT governance, organizations are able to make effective decisions, manage performance and ensure that projects are completed on time and within budget. IT governance also helps to align business and IT strategy while minimizing risk and ensuring that processes comply with industry standards and frameworks. Most of all, IT governance helps organizations improve productivity, quality and achieve success. Follow along in this Safari Books Online bibliography to learn more about all of the IT Governance aspects that have been described here.
IT Governance and Information Security: Guides, Standards, and Frameworks (Advances in Cybersecurity Management)
by Yassine Maleh Mamoun Alazab Abdelkebir Sahid Mustapha BelaissaouiIT governance seems to be one of the best strategies to optimize IT assets in an economic context dominated by information, innovation, and the race for performance. The multiplication of internal and external data and increased digital management, collaboration, and sharing platforms exposes organizations to ever-growing risks. Understanding the threats, assessing the risks, adapting the organization, selecting and implementing the appropriate controls, and implementing a management system are the activities required to establish proactive security governance that will provide management and customers the assurance of an effective mechanism to manage risks. IT Governance and Information Security: Guides, Standards, and Frameworks is a fundamental resource to discover IT governance and information security. This book focuses on the guides, standards, and maturity frameworks for adopting an efficient IT governance and information security strategy in the organization. It describes numerous case studies from an international perspective and brings together industry standards and research from scientific databases. In this way, this book clearly illustrates the issues, problems, and trends related to the topic while promoting the international perspectives of readers. This book offers comprehensive coverage of the essential topics, including: IT governance guides and practices; IT service management as a key pillar for IT governance; Cloud computing as a key pillar for Agile IT governance; Information security governance and maturity frameworks. In this new book, the authors share their experience to help you navigate today’s dangerous information security terrain and take proactive steps to measure your company’s IT governance and information security maturity and prepare your organization to survive, thrive, and keep your data safe. It aspires to provide a relevant reference for executive managers, CISOs, cybersecurity professionals, engineers, and researchers interested in exploring and implementing efficient IT governance and information security strategies.
IT Governance to Drive High Performance: Lessons from Accenture
by Robert E. KressThis pocket guide provides you with an insider's detailed description of Accenture's IT governance policy and details its governance structure. It will show how effective IT governance links IT strategy and IT decisions to Accenture's business strategy and business priorities. Following the best practices approach set out in this pocket guide will serve as an excellent starting point for any organization with ambitions to achieve high performance. Benefits to business include: *Boost productivity* How hard do you work in other areas of your business to cut costs and improve efficiency? In testing economic times, is the absence of a clear strategy for your business s IT governance still a realistic option? Learning from Accenture s proven approach will enable you to increase your organization's competitiveness over the longer term. * Coordinate your operations * To ensure effective decision-making and align your IT function with your broader business goals, you need to make the structure of your IT governance fit your overall corporate governance structure. That way, you can make your IT work for your business. * Manage change effectively * IT is crucial for realizing the changes you want your business to make. For this reason, you cannot afford to have these changes treated merely as IT projects that have been foisted on the company by the IT department. By bringing top management on board, and giving business leaders a formal role in the IT governance of your organization, you will make the success of any project with an IT component much more likely. * Keep a grip on budgets * The costs of IT projects are notoriously prone to overrun, while some IT development programs have promised more than they ever delivered. The Accenture way of doing business is different. Following the Accenture approach means ensuring that your IT investment is backed by a solid business case, and measuring the return on investment following project completion.
IT Governance: A Pocket Guide
by Alan CalderAll businesses that accept payment cards are prey for hackers. When an attack is exposed - perhaps through a victim disputing fraudulent credit card charges - the target company will be exposed to a harsh and expensive set of repercussions. PCI DSS is designed to ensure that merchants are effectively protecting cardholder data. It recognises that not all merchants may have the technical understanding to identify for themselves the necessary steps and short-circuits to avoid danger. All merchants, and their service providers, should therefore ensure that they comply with PCI DSS, and that they stay compliant.
IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002 (It Governance Ser.)
by Alan Calder Steve WatkinsFaced with the compliance requirements of increasingly punitive information and privacy-related regulation, as well as the proliferation of complex threats to information security, there is an urgent need for organizations to adopt IT governance best practice. IT Governance is a key international resource for managers in organizations of all sizes and across industries, and deals with the strategic and operational aspects of information security. Now in its seventh edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems (ISMS) and protect themselves against cyber threats. The new edition covers changes in global regulation, particularly GDPR, and updates to standards in the ISO/IEC 27000 family, BS 7799-3:2017 (information security risk management) and the latest standards on auditing. It also includes advice on the development and implementation of an ISMS that will meet the ISO 27001 specification and how sector-specific standards can and should be factored in. With information on risk assessments, compliance, equipment and operations security, controls against malware and asset management, IT Governance is the definitive guide to implementing an effective information security management and governance system.
IT Governance: Guidelines for Directors
by Alan CalderThis book provides practical guidance to help directors and boards master the most important business topic of the information age. It comes with a complimentary eBook version! This important book cuts through the hype that surrounds IT governance to provide directors, executives, managers and professional advisers with clear, pragmatic guidelines for ensuring that IT and the business work together to ensure enterprise success in the highly competitive, global information economy. Aligning IT with the business is a key objective for boards and executives. Organizations with effective IT governance consistently generate better returns for their shareholders than equivalent organizations with ineffective IT governance, and the directors of companies that effectively govern their IT are significantly less exposed to compliance and shareholder challenges than others. It links IT governance to today's corporate governance environment and assesses the corporate impact t
IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT
by Alan Calder Steve MoirThis book aims to do two things. The first is to set out for managers, executives and IT professionals the practical steps necessary to meet today's corporate and IT governance requirements. The second is to provide practical guidance on how board executives and IT professionals can navigate and deploy to best corporate and commercial advantage the numerous IT management and IT governance frameworks and standards - particularly ISO/IEC 38500 - that have been published over the course of the last ten years.
IT Induction and Information Security Awareness: A Pocket Guide
by Valerie MaddockIf you want to tackle the problem of information security, you cannot rely on the help of technology alone. Information security breaches tend to occur as a result of human, as well as technological, failings. However, the human factor usually receives far less attention. Training Computer systems are complex, so people who work with them often need to be trained in how to use them correctly. This applies especially to your company s information security. The loss of a memory stick by a careless employee, or the downloading of a file that contains a virus, may be all it takes to cause a security breach. Practical advice This book offers you practical advice on how to develop an IT Induction programme for your staff that can help safeguard your business information. By providing your employees with simple instruction in good IT working practices, and by making sure they know what is expected of them, you can strengthen your company s information security and reduce the risk that your data will be stolen or lost. A sense of responsibility Encouraging good corporate working and a strong sense of responsibility are, the author argues, essential for the protection of your business information. She shows you how to strike the right balance in your approach to staff training, thereby enabling you to provide your employees with an IT Induction that is at once informative and accessible. Benefits to business include: * Reduce the likelihood of a damaging security breach. Putting in place a programme of IT Induction will help ensure that your company s staff are following information security best practice. Educating employees in good IT working practices will help them to avoid the errors that might otherwise put your organisation at risk. * Protect the company s reputation. The damage an information security breach can do to your business goes beyond the initial cost of clearing up the mess. Without proper staff training, the danger is that theft or loss of data will damage your company s reputation. You need to provide your staff with a proper IT Induction in order to preserve good relations with your customers. * Avoid legal complications. IT offers business new, less formal means of communication. Employees write e-mails in a different style from the way they write letters. However, contracts can be made or broken via e-mail, and e-mail correspondence can be cited in litigation. An IT Induction programme will give your staff the appropriate guidance on e-mail communication with the clients or business partners of your company. * Manage employee working practices. Laptop computers and broadband mean that for many employees, the boundaries between work and home are becoming blurred. If you allow your staff to mix and match between working in the office and working from home, you need to make sure they know what they have to do to safeguard your firm s data both inside and outside the office.
IT Infrastructure: Security and Resilience Solutions
by Yannik Süß Ralf SüßEmbark on a comprehensive journey into the intricate world of IT infrastructure, with an in-depth look into the transformational role of secure, private data centers in today's digital era. This exploration uncovers the multi-faceted domains of IaaS, PaaS, and SaaS, examining the primary components of modern IT infrastructure—compute, storage, backup, and beyond. As technology continues to surge forward, cyber threats evolve in tandem, prompting a dire need for reinforced data center security and resilience.This book provides readers with a holistic, layered understanding of IT operations in our interconnected age. You will dive deep into the heart of technological advancements, appreciating the symbiotic relationship between evolving hardware capabilities and the progressive nature of cloud services. You will understand the intricacies of data center design, management, and the strategic role they play amid the growing reliance on both private and public clouds. Asindustries pivot towards a more digital-first approach, this book serves as a guiding star, illuminating the pathways, challenges, and opportunities of the vast IT infrastructure landscape.What You Will LearnTrace the rich history and evolution of data centers over the last 60 yearsGet comprehensive insights into cloud services architecture, from IaaS to SaaSGain in-depth knowledge of data center facilities, infrastructure, and securityKnow best practices in storage provisioning, administration, and cost managementDevelop strategies and tools for ensuring data center security and resilienceUnderstand the multi-faceted world of IT support service in modern digital environmentsWho This Book Is ForIT professionals: from system administrators and network architects to IT managers and data center overseers, plus students and tech enthusiasts seeking deep insights into IT infrastructure
IT Inventory and Resource Management with OCS Inventory NG 1.02
by Barzan Tony AntalThis book closely follows the style of a practical, hands-on "how to" guide on working with OCS Inventory NG. The step-by-step approach, coupled with the use of visual aids, clear instructions, and real-world examples, makes it a fast-paced book. Upon the completion of this book, you will have the necessary skill set, know-how, and confidence to implement OCS Inventory NG to meet the demanding asset management needs of any organization. Then you can carry on using the book as reference material. This book targets an audience of system administrators and IT professionals who are required to implement, configure, customize, and work with IT Inventory and Asset Management solutions. The book does not presume any prior knowledge of inventory management, just a solid grasp of the server/client model and familiarity with the chosen operating system along with the necessary web server and database server terminologies. Anyone with an interest in inventorying IT assets and solving real-world resource management dilemmas will enjoy this book.
IT Investment: Making a Business Case (Computer Weekly Professional Ser.)
by Dan Remenyi Michael Sherwood-SmithFrequently not enough attention is given to producing a comprehensive business case or to producing an economic justification for an information systems investment. In fact many organizations are not clear as to what constitutes a sound business case and how to go about producing one. This Professional level book for the Computer Weekly Professional Series will show how to go about justification for I.T. spend. This book is designed for all those who are involved in the decision to invest in information systems. This book is especially relevant to senior business executives, senior financial managers and IT executives. Business consultants, computer and corporate advisors will also find the ideas and material addressed in this text of particular benefit as will anyone involved in corporate and strategic planning.In addition, senior students such as those working towards their MBAs will find this book of use.A business case is a statement or a series of statements that demonstrate the economic value of a particular intervention, a course of action or a specific investment. A business case is not simply a financial forecast of the hardware and software costs and the expected benefits. A business case for an information systems investment involves a comprehensive understanding of both the likely resources as well as the business drivers which will assist business managers improve their performance and thereby obtain a stream of benefits from the investment.In general there are approximately six steps in producing a business case for an information systems investment.1. Determine the high-level business outcomes that will be clearly and comprehensively expressed as a set of opportunities the organization can take advantage of, or problems that need to be rectified.2. Identify the corporate critical success factors that will be supported or enhanced by the operation of the completed information systems project or investment.3. Create a list of specific and detailed outcomes or benefits, their appropriate metrics, measuring methods and responsibility points that are represented by the stakeholders.4. Quantify the contribution made by the outcomes, which requires associating numbers or benefit values with outcomes where this is possible.5. Highlight the risks associated with the project.Fundamental to this new approach to developing a business case for information systems investment is the fact that it incorporates much more than the financial numbers which are typically found in the standard approach to a feasibility study. This approach looks behind the financial numbers to the improvements in business performance which are facilitated by information systems and which are the real drivers of the benefits. Furthermore, this approach to developing a business case allows the organization to manage the process so that the required results are achieved.
IT Maintenance: Applied Project Management
by Michael F. Malinoski PMPIT Maintenance: Applied Project Management modifies project management best practices to improve how IT system maintenance is managed. By taking a fresh look at increasing value and quality of system maintenance in a straightforward and practical way, this book helps readers understand how to apply modified project management best practices. From IT maintenance managers, project managers, and team members to CIOs, readers will: • Discover cost savings associated with reducing staff Improve reporting status and metrics •Build greater customer satisfaction Learn how to perform work consistently • Decrease staff stress level by stabilizing expectations •Streamline team operations •Decrease the manager's ongoing workload PLUS! This practical reference is organized by process groups similar to the PMBOK® — providing you with applied step-by-step guidance.
IT Management in the Digital Age: A Roadmap For The It Department Of The Future (Management for Professionals)
by Nils Urbach Frederik AhlemannThis book examines the massive changes currently taking place in the business world and commonly known under the label “digitalization.” In addition, it describes the significant impacts of technological innovations on processes, products, services and business models. The digital transformation resulting from these developments leads to disruption for many enterprises and industries. While for many years, IT departments mainly concentrated on fulfilling the requirements of business departments effectively and efficiently by means of high-quality IT services and operations, today’s IT departments are increasingly expected to actively co-design and co-create the enterprise. This book describes how information technology enables innovation for businesses, and how IT departments can proactively and in a timely manner collaborate with the business departments of their corporation to leverage these innovations. It also delineates the implications of digitalization for the structures, processes and people in today’s IT departments. IT leaders and managers who are responsible for corporate IT, as well as practice-oriented researchers, will find valuable inspirations and guidance in this book, the central mission of which is to encourage and enable a more proactive role for IT in the digital transformation processes."This book demonstrates the impact of digital transformation on IT organizations and their management. It also presents potential risks for technology availability, security and data protection. The authors develop a vision of what IT management should look like in ten years if it is to continue playing an important role in the company. The book seeks to motivate IT executives and managers with IT responsibility to actively adapt their thinking and their IT organizations before they are forced to react to external pressure. Definitely worth reading!" Sven Kreimendahl, Director Business Technology Services, Campana & Schott
IT Management: The art of managing IT based on a solid framework leveraging the company´s political ecosystem
by Lionel Pilorget Thomas SchellThis book focuses on the art of managing IT. A simple and robust framework is proposed to describe and to structure the essential elements of IT management. The authors pay particular attention to didactic aspects in order to facilitate the retention of models presented as well as to promote reflection on the subjects introduced. Thanks to a concentrate of good practices, each company will rapidly be in a position to build their proper IT ecosystem.
IT Outsourcing Contracts: A Legal and Practical Guide
by Jimmy DesaiThis book provides an overview of the IT outsourcing relationshipand life cycle. The process begins with an organizationconsidering whether or not IT outsourcing would be of benefit andthen the issues which would need to be considered in order toanswer this question accurately are discussed. If an organizationbelieves that an IT outsourcing deal could be of benefit, it willthen need to choose a suitable supplier to perform its IToutsourcing. The issues to consider regarding an IT supplier arealso set out in this book. Having selected an IT supplier, anorganization will then need to agree key terms (includingidentifying and agreeing any contentious issues which are so-called deal breakers). Agreeing the IT outsourcing contract isnot the end but the start of the IT outsourcing relationship andthis relationship will need to be managed and developed over thecourse of the contract. Sooner or later the IT outsourcingarrangement will have to come to an end and so an exit plan willneed to be formulated and implemented. This life cycle needs tobe fully understood by anyone involved in this kind of IToutsourcing transaction and this book provides useful informationabout this life cycle.
IT Performance Management
by Peter Wiggers Maritha de Boer-de Wit Henk KokIT Performance Management addresses the way organizations should balance the demand and the supply of information technology, optimizing the cost and maximizing the business value of IT.In this book several aspects of IT performance management are described. The way this management is executed and the techniques, which should be used, depend on the maturity of the relationship between the IT function and the lines of business of an organization. The foundation of the authors' approach is based on the flow of money and related management objectives. However, performance management is primarily based on perceptions. Therefore, this book introduces the IT value perception model. This model describes four separate levels of perception for the business value of IT. If the demand and the supply of IT do not share the same perception level, the balance is lost, which will lead to friction and inefficiency within an organization. This book is not about what is good or what is bad, but rather is about the 'what', the 'why' and to a limited extent the 'how' of managing the performance of IT. Therefore, the book finishes with a 'back-to-business' section in which a self-assessment checklist, a potential growth path and ten next steps are provided. This enables the reader to start applying this book in his every day working environment immediately. IT Performance Management: * Provides an overview of best practices and available thinking on the subject of IT cost and value* Describes the subject of IT cost and value related to management issues on IT strategy, portfolio management, service management, architecture and sourcing * Addresses differing degrees of maturity between IT and the business, illustrated by case studies
IT Planet - Information Technology Book class 9 (Code - 402) - GSTB
by Davinder Singh MinhasThe book “Information Technology 9” is a comprehensive guide designed for Class 9 students, aligned with the CBSE curriculum. It covers a range of topics essential for building foundational IT skills, including employability skills such as communication and self-management, as well as specific IT competencies like data entry, digital documentation, electronic spreadsheets, and digital presentations. The book adopts a step-by-step approach, integrating theoretical knowledge with practical exercises, real-life projects, and application-based questions, making it an effective resource for students to develop technical skills necessary for future employment.
IT Planet Petabyte Class 8
by PM Publishers Pvt. Ltd.The Petabyte book is based on the latest software packages and operating system programs such as Microsoft Office 2019 and Windows 10. Apart from these two, author has covered latest software programs such as Scratch, Stykz, Animate, Photoshop, Spark, MIT App Inventor and Python. To produce a visually appealing and easy to understand book, the author has artfully combined the latest technology, pictures, drawings and text in this series. Most of the pictures in this series show a step-by-step pedagogy, which simplifies the more complex computer concepts. The terms and examples described in this series are those which everyone will come across while using computers in school as well as at home.
IT Project Health Checks: Driving Successful Implementation and Multiples of Business Value
by Sanjiv PurbaProject or program health checks provide tremendous value to businesses and pay for themselves by multiples of magnitude. No matter how well a project or program is performing, there are always activities that can provide better value, reduce costs, or introduce more innovation. IT project and program health checks can help organizations reach their goals and dramatically improve Return on Investment (ROI). IT Project Health Checks: Driving Successful Implementation and Multiples of Business Value offers a proven approach for evaluating IT projects or programs in order to determine how they are performing and how the eventual outcome for the initiative is currently trending. The project or program health checks provide a set of techniques that produce actionable recommendations that can be applied for any combination of the following outcomes: Drive more business and technical value from a program Set a project or program back on track for successful implementation as defined by executive management Rescue a program that is heading towards failure Act as additional insurance for initiatives that are too important to fail Protect executive careers by creating transparency within the inner workings of complex initiatives. The book shows how a review can quickly identify whether an initiative needs to be rescued even when the project team is not aware that it is hurtling towards failure. It also provides techniques for driving business value even when a project team believes it’s been stretched as much as possible. Other outcomes covered in this book include: Objectively develop a project Health-Check Scorecard that establishes how well a project is doing and the direction it is headed Demonstrate how to drive business value from an IT program regardless of how well or badly it is tracking Provide surgical advice to improve a project’s outcome How to use the many templates and sample deliverables to get a quick start on your own health check. Designed to provide significant value to any member of a project team, program team, stakeholders, sponsors, business users, system integrators, trainers, and IT professionals, this book can help find opportunities to drive multiples of business value and exceed project success metrics.
IT Project Management: A Geek's Guide to Leadership (Best Practices in Portfolio, Program, and Project Management)
by Byron A. LoveThis book’s author, Byron Love, admits proudly to being an IT geek. However, he had found that being an IT geek was limiting his career path and his effectiveness. During a career of more than 31 years, he has made the transition from geek to geek leader. He hopes this book helps other geeks do the same. This book addresses leadership issues in the IT industry to help IT practitioners lead from the lowest level. Unlike other leadership books that provide a one-size-fits-all approach to leadership, this book focuses on the unique challenges that IT practitioners face. IT project managers may manage processes and technologies, but people must be led. The IT industry attracts people who think in logical ways—analytical types who have a propensity to place more emphasis on tasks and technology than on people. This has led to leadership challenges such as poor communication, poor relationship management, and poor stakeholder engagement. Critical IT projects and programs have failed because IT leaders neglect the people component of "people, process, and technology." Communications skills are key to leadership. This book features an in-depth discussion of the communications cycle and emotional intelligence, providing geek leaders with tools to improve their understanding of others and to help others understand them. To transform a geek into a geek leader, this book also discusses: Self-leadership skills so geek leaders know how to lead others by leading themselves first Followership and how to cultivate it among team members How a geek leader’s ability to navigate disparate social styles leads to greater credibility and influence Integrating leadership into project management processes The book concludes with a case study to show how to put leadership principles and practices into action and how an IT geek can transform into an effective IT geek leader.
IT Quality Management
by Wolfgang W. OsterhageIn a comprehensive approach this book covers the end-to-end process from request management to change management, error management and migration management to acceptance testing and final data clean up. It is based upon nearly twenty years of experience in tests, acceptance and certification, when introducing medium to large IT systems including complex software for administrations and industry in many countries. There exist a variety of methodologies with different characteristics having emanated from various schools and consultancies to support such activities. However, it is obvious that because of the diversity in organisational levels in companies the rigor of application of such methodologies quite often suffers with regard to more pragmatic approaches. In view of economic considerations this may be unavoidable. For this reason no new or consolidated methodology shall be presented but an approach oriented on practical criteria coming closer to reality and offering methods, which can provide assistance on a case-by-case basis.
IT Regulatory Compliance in North America: A Pocket Guide
by Alan CalderThis pocket guide provides initial guidance to all who are concerned with IT regulatory compliance in North America. A key challenge for all IT executive teams is to ensure that the organization avoids breaches of any criminal or civil law, as well as any statutory, regulatory or contractual obligations, and of any security requirements. Control A.15.1.1 of ISO/IEC27001:2005 (the best-practice information security management standard) provides guidance that is relevant to the IT governance of every organization. It says that the organization should explicitly define and document the statutory, regulatory and contractual requirements for each of its information systems, and that this documentation should be kept up-to-date to reflect any relevant changes in the legal environment. The specific controls and individual responsibilities to meet these requirements should be similarly documented and kept up-to-date, and should be linked to the list of all the data assets and processes in the organization, together with their ownership details.
IT Release Management: A Hands-on Guide
by Dave HowardWhen implemented correctly, release management can help ensure that quality is integrated throughout the development, implementation, and delivery of services, applications, and infrastructure. This holistic, total cost of ownership approach allows for higher levels of system availability, is more cost effective to maintain, and increases overall s
IT Security Controls: A Guide to Corporate Standards and Frameworks
by Virgilio Viegas Oben KuyucuUse this reference for IT security practitioners to get an overview of the major standards and frameworks, and a proposed architecture to meet them. The book identifies and describes the necessary controls and processes that must be implemented in order to secure your organization's infrastructure.The book proposes a comprehensive approach to the implementation of IT security controls with an easily understandable graphic implementation proposal to comply with the most relevant market standards (ISO 27001, NIST, PCI-DSS, and COBIT) and a significant number of regulatory frameworks from central banks across the World (European Union, Switzerland, UK, Singapore, Hong Kong, India, Qatar, Kuwait, Saudi Arabia, Oman, etc.). To connect the book with the real world, a number of well-known case studies are featured to explain what went wrong with the biggest hacks of the decade, and which controls should have been in place to prevent them. The book also describes a set of well-known security tools available to support you.What You Will LearnUnderstand corporate IT security controls, including governance, policies, procedures, and security awarenessKnow cybersecurity and risk assessment techniques such as penetration testing, red teaming, compliance scans, firewall assurance, and vulnerability scansUnderstand technical IT security controls for unmanaged and managed devices, and perimeter controlsImplement security testing tools such as steganography, vulnerability scanners, session hijacking, intrusion detection, and more Who This Book Is For IT security managers, chief information security officers, information security practitioners, and IT auditors will use the book as a reference and support guide to conduct gap analyses and audits of their organizations’ IT security controls implementations.