Books published by IT Governance Publishing

Read this essential guide and make your SLA work for you.A wide range of industry sectors will outsource service provision (for example, banking, pharmaceuticals, and insurance companies). This can happen where an organisation outsources its IT payroll needs, its helpdesk and IT maintenance requirements, its payment processing, or its whole IT function.The key riskThe key risk for an organisation that enters into an outsourcing transaction, are that the services that it receives from the supplier will be worse than the services they were receiving before, or that the cost savings that were anticipated or promised, are not achieved.The SLATo try and avoid this scenario, the outsourcing contract should include a Service Level Agreement (SLA). The SLA must be drafted to govern the standard of service that you require, including the cost of those services and the consequences of not achieving pre-agreed standards.The wider environmentWhile Service Level Agreements are a key method, within ITIL, for setting out how two parties have agreed that a specific service (usually, but not necessarily, IT-related) will be delivered by one to the other, and the standards or levels to which it will be delivered, the basic concept is now far more widely applied than just in ITILand ITSM environments.This pocket guide provides information and guidance on SLAs to those in the wider environment, from a legal and practical view point.The benefits and the pitfallsIdentifying some of the benefits and the pitfalls that an organisation can encounter when negotiating and drafting SLAs, this pocket guide provides an overview of SLAs, highlighting typical scenarios that can arise, and provides information on typical solutions that have been adopted by other organisations.Read this pocket guide to Understand what an SLA is and why you need oneWhen negotiating any type of service-related deal (including any IT outsourcing deal), it is essential that sufficient time is devoted to ensuring that the service is of sufficient quality and that this is recorded in an SLA.Understand where SLAs go wrong.SLAs can go wrong for a number of reasons. For example, the SLA may not reflect reality, your service requirements may not be defined properly, or there may be too many service levels and service level targets which can then become difficult to manage.Learn how to build foundations for the SLA.There are elements that you should be considering well before even engaging with potential suppliers. This pocket guide details what your organisation should consider, in order to find the proposal which most closely matches its needs.Understand the issues to consider when drafting the SLA.This pocket guide covers the issues to consider when drafting an SLA, as there are certain provisions in SLAs which either should, or should not, appear.By reading this a short, legal and practical guide to SLAs, you should be able to quickly come up to speed with some of the legal and practical issues that might arise. Negotiating the SLA and putting the SLA into action are also discussed in the pocket guide. Whilst short and easy to digest, case references and weblinks have been provided in the text so readers can find out more information about SLAs.

Expert advice for technical professionals looking to improve their presentation skillsYour technical skills and professional expertise are evidence of your ability to accomplish difficult tasks. Strong presentation skills can help you further advance your career. The ability to present articulately to customers, management, peers and others can significantly enhance your credibility, clout, and professional status. Delivering presentations at work or professional events is an unbeatable way to gain a reputation as a valued employee and an expert in your field.If you have ever tried to get out of giving a presentation because of nerves, or if you feel there is room for improvement in your presentation techniques, then Presentation Skills for Technical Professionals is for you.Invaluable tipsThis book gives you invaluable tips on how to make your presentation clear and accessible, how to interact with your audience and how to retain their interest while keeping your anxiety under control. Naomi Karten has used her vast experience - both positive and negative - on the front lines of public speaking to provide key advice (and many chuckles!) in this engrossing read for the technical professional.By following the advice contained this book, you can take the stress out of the exercise and start delivering presentations that will engage your audience and make your ideas and arguments memorable.Read this book and ...Make your presentation easy to absorb. This book shows you how to structure your information and ideas to ensure you communicate your message to your audience.Learn the pitfalls to avoid. However much time you have put into preparing the presentation, if you irritate your audience you can ruin all your hard work. This book reminds you of the bad habits, like mumbling or speaking in clichs, which you need to avoid if you want to make a good impression.Use PowerPoint effectively. Presentations are often let down by slides which are dull or cluttered. Over-reliance on PowerPoint can mean that the slides become the focal point of the presentation, instead of helping to make what you are saying easier to grasp. This book shows you how to make intelligent use of PowerPoint. Presenting text in small chunks and using a readable type size are two simple ways to keep your audience listening.Deliver successful presentations to managers and customers. Different audiences require different approaches. This book contains essential advice on how to deliver presentations both to high-ranking executives and to customers. Get to the point, and satisfy your superiors. Speak the customer's own language, and you are more likely to make the sale.

A concise and practical guide to the ISO22301 benchmark for business continuity management. Essential reading for all managers, executives and directors with any interest or involvement in operational risk or business continuity management.

Effective project governance for maximum ROIUnderstand your projectMany senior executives in 'non-project' industries are charged with initiating and managing projects. Many of these projects fail, or cost significantly more than originally estimated. This pocket guide highlights many of the common pitfalls and explains how to avoid them.Manage your projectThis step-by-step guide will show you how to make the most of your projects. Discover:the functions and relationships of the key parties. Who should make up the steering committee? Who should be appointed as project manager?how to bring it all back to the bottom line - how much will it cost? How much will it save? Learn how to estimate the costs and benefits. Pick up strategies to help you stay within budgethow long a well-planned project should take to executewhat you can do to insure against the unexpectedthe importance of risk managementhow ready your organisation is to manage a project.Plan your projectThe key to a successful project is planning. This practical guide will show you how to plan your project effectively and eliminate significant problems before you start. Learn how effective planning will save time and money in the long run.Written from personal experience of managing many successful projects over 15 years, Project Governance: The Essentials offers real, workable solutions in bite-size pieces. For small companies and large, whatever your experience, you will discover many keys to gain the best return on your investment.Buy this essential guide and make your projects work for you

Definitive guidance on implementing and developing the internal audit functionInternal auditing provides unbiased information to help management make better decisions. By developing your audit function, you enable your organisation to improve, whilst navigating and dealing with risk.Experience from auditing in the real worldBased on a series of hugely popular articles from Compliance Week this book is a concise commentary on strategic issues concerning the way internal audit is established, planned and performed. High-level issues sit alongside practical guidance to ensure the book appeals to all levels of internal audit management staff.The book opens with an explanation of the internal audit function, and then looks at specific topics that internal auditors must know, including risk management, IT security, business continuity, ethics and compliance.Extensive resources and researchThe author draws on a wide range of resources, and includes details of websites and key literature that encourage further exploration. Commentaries on the wide variety of topics that the author has examined over the years are followed up by various references, including the most important work of the Institute of Internal Auditors.The book will help you to:Get to grips with key topics of the internal auditEnhance the internal audit to allow your organisation to improveNavigate risks and increase business prospectsLearn to implement the internal audit, and create a platform for organisational success

Your business information is likely to be much more valuable than the hardware on which it is stored. The loss of a laptop might set you back GBP400, but if the files on the laptop included sensitive customer data or the blueprint for a new product, the cost of repairing the damage would run into thousands. The consequences of a data breach range from alienating customers to heavy fines, or even criminal prosecution. While technologies, such as antivirus software and encryption, can offer some protection against cybercrime, security breaches are most often the result of human error and carelessness.Improve information securityImproving information security within your organisation, therefore, has to encompass people and processes, as well as technology. Motivating your team and making them more aware of security concerns should be at the heart of your information security strategy. At the same time, the processes you have in place to address information security issues need to be straightforward and properly understood if you want your employees to adhere to them.BT's approachThis pocket guide is based on the approach used by BT to protect its own data security - one that draws on the capabilities of both people and technology. The guide will prove invaluable for IT managers, information security officers and business executives.Read this guide and Win businessBy demonstrating that there are effective safeguards for your business information in place, you can strengthen the trust of partners and customers and improve the image of your brand. Effective information security may even provide the extra advantage you need to close an important deal.Protect your organisation from social engineering attacksOnce fraudsters have gained the trust of a company employee they will then seek to exploit that trust for their own criminal purposes by persuading the employee to divulge confidential information. This pocket guide will help your staff to be on their guard against this type of threat.Improve processes and proceduresThe guide sets out some basic precautions that employees can take, both in and outside the workplace, to reduce the risk of a data breach.Enable people to make a positive contribution to securityThe processes you have in place to manage your information security need to be observed. At the same time, you are unlikely to achieve the optimum level of protection unless your workforce understands the reason why these policies are necessary. This pocket guide shows you how you can enhance your information security by engaging and motivating your staff.Security: The Human Factorlooks at the challenges associated with information security, the consequences of failing to meet them and - most importantly - at the steps organisations can take to make themselves and their information more secure.For an approach to information security that takes the human factor into account, buy this essential guide today!

Learn how you can implement the ISO9000 Quality Management standard to maximum effect for your organisation

Brush up on your soft skills and see the working relationships with your IT Audit clients flourish.

Business continuity is crucial to the survival of your business. Learn how to manage it effectively with this essential guide!The risks for businesses today are increasing all the time and so are the consequences of incidents and interruptions. Too many companies lose time, customers and income because of circumstances beyond their control. Companies that have a business continuity plan in place are able to not only minimise losses and retain clients, but also win new business!Accountability is also a new and growing aspect of running organisations. When things go wrong, people at the top are expected to be able to account for the decisions that they took, or didn't take, when times were better. Business continuity plans and arrangements developed on best-practice lines are far more likely to protect directors in the face of any post-incident enquiry.When customers are choosing suppliers, whether looking for new ones or reviewing which to keep, most are considering not only price, but quality, financial stability and operational resilience - whether a supplier is likely to be tripped over by the slightest incident, or whether it has some credible plan. Any company can say that it has a business continuity plan, but those that can demonstrate resilience based upon best-practice principles will surely have the edge over those that cannot.The book will guide you through domestic and international standards relating to business continuity, with particular reference to ISO22301. Companies achieving certification under the Standard will communicate to their stakeholders their commitment to uninterrupted supply.This practical guide will show you how business continuity management can help your organisation to:carry out realistic risk identification and assessmentput in place a cost-effective, 'fit-for-purpose' business continuity planbe more competitiveenjoy greater customer loyaltyconform to the legal requirements in terms of accountability, compliance, risk awarenessreturn to 'business as usual' as quickly as possible after an unforeseen incident.The time for burying our corporate heads in the sand and thinking 'It won't happen to us' is long past. It is time to identify the risks and to increase your company's resilience in the face of potential disasters. Everything you want to know about Business Continuity will show you how to develop a modern response to the operational risk landscape and how to prepare your organisation for interruptions to your key activities, minimising the impact on your bottom line, reputation and credibility. You will be able to identify and assess the risks to your company and put in place a 'fit-for-purpose' business continuity plan which will enable you to meet the expectations of your customers and stakeholders in the event of an unforeseen incident.

This book is a preparation guide for the CPTE examination, yet is also a general reference for experienced penetration testers, ethical hackers, auditors, security personnel and anyone else involved in the security of an organization's computer systems.

Enterprise architecture is a key competency for most large organisations. This pocket guide describes the purpose, role and value of architecture in the enterprise, and the makeup and skillsets of the architecture team in different business contexts.

Shows you the innovative IT governance model developed by the largest consulting firm in the worldThis pocket guide provides you with an insider's detailed description of Accenture's IT governance policy and details its governance structure. It will showhow effective IT governance links IT strategy and IT decisions to Accenture's business strategy and business priorities.Following the best practices approach set out in this pocket guide will serve as an excellent starting point for any organisation with ambitions to achieve high performance.Benefits to business include:Boost productivity How hard do you work in other areas of your business to cut costs and improve efficiency? In testing economic times, is the absence of a clear strategy for your business's IT governance still a realistic option? Learning from Accenture's proven approach will enable you to increase your organisation's competitiveness over the longer term.Coordinate your operations To ensure effective decision-making and align your IT function with your broader business goals, you need to make the structure of your IT governance fit your overall corporate governance structure. That way, you can make your IT work for your business.Manage change effectively IT is crucial for realising the changes you want your business to make. For this reason, you cannot afford to have these changes treated merely as IT projects that have been foisted on the company by the IT department. By bringing top management on board, and giving business leaders a formal role in the IT governance of your organisation, you will make the success of any project with an IT component much more likely.Keep a grip on budgets The costs of IT projects are notoriously prone to overrun, while some IT development programmes have promised more than they ever delivered. The Accenture way of doing business is different. Following the Accenture approach means ensuring that your IT investment is backed by a solid business case, and measuring the return on investment following project completion.High performanceChief executives now put high performance IT among their top strategic objectives. So, if you are looking to improve IT governance in your own organisation, finding out what Robert E. Kress has to say is as good a starting point as any.This book will show you his company's best practice approach to the subject. Whatever business you are in, there is nearly always a clear link between the performance of your IT function and your company's overall results.

A pocket guide that puts forward the case for an organisation-wide, and fully supported IT Induction and Information Security Awareness Programme. It intends to provide clarity of purpose, equate the programme to organisational roles and offer practical assistance in the development and delivery of an IT Induction programme.

A clear, practical guide to Agile development methods. Transform your working practices and save time and money!

Presents IT managers with practical advice and tips on how to create a high-performance team. This book is designed to assist you in understanding what the characteristics are of a high-performance team, to help you assess where your team stacks up and to develop a plan of action for realising team potential.

A practical guide to improving your team's performanceCoaching helps people to define desired outcomes for themselves and encourages them to take responsibility for developing strategies and actions to achieve them. It's about helping people to learn rather than teaching them. By applying sound coaching skills within in the IT workplace, you can enhance the quality of your team's work, increase people's ability and confidence, and create a climate of high performance.If you are an IT manager and work with IT professionals on a regular basis, Coaching for High Performance will inspire you with practical advice and tips on a range of soft skills areas to help you create the ideal coaching environment for your department.Use your easy to apply coaching skills to get the best out of all of your interactions from five minutes chats, direct reports, one-to-one meetings, performance reviews, to IT project meetings.Benefits to business include:Help people to unlock their potentialQuickly and easily get the best out of every situation in as little as 15 minutesEnjoy better on-going professional relationships that help people achieve extraordinary resultsAccelerate individual's progress and help them achieve personal and business goalsCement your relationships by helping people to learnOrder this practical guide to creating a coaching environmenttoday.

Use an IT Governance strategy to reduce riskAn Introduction for Directors and IT professionalsThe modern organisation is increasingly working within the context of corporate governance. The subject dictates their day-to-day and strategic activities, especially corporate information asset risk management and investment, and the ICT infrastructure within which those information assets are collected, manipulated, stored and deployed.But what is corporate governance, and why is it important to the IT professional? Why is IT governance important to the company director, and what do directors of companies - both quoted and unquoted - need to know?The Calder-Moir FrameworkThe book also explains how to integrate each standard and framework using The Calder-Moir Framework (download for free from www.itgovernance.co.uk/calder_moir.aspx), which was developed specifically to help organisations manage and govern their IT operations more effectively, and to coordinate the sometimes wide range of overlapping and competing frameworks and standards. It also specifically supports implementation of ISO/IEC 38500, the international standard for best practice IT governance.Practical IT Governance guidanceBoard executives and IT professionals can learn to maximise their use of the numerous IT management and IT governance frameworks and standards - particularly ISO/IEC 38500 - to best corporate and commercial advantage.Build an IT Governance FrameworkWithin a 'super framework', or 'meta -framework', you can integrate each of these standards and frameworks whilst making sure that each can deliver what it was designed to do. Developing an overarching framework will enable your organisation to design IT governance to meet your own needs.

Take control of your data for a more intelligent, responsive businessProactive management of your corporate information has never been more important. Data governance isn't a challenge solely for the IT team - it's every inch a business issue.Seamless processes and a personal commitment to clean data give you the ability to generate accurate business intelligence and financial reports, and gain an instant snap shot of the health of your business. Most importantly, they also help you run a more intelligent, agile, fast-moving business than your competitors.The Data Governance Imperative is written from a business person's view of data governance. This practical book covers both strategies and tactics around managing a data governance initiative.Benefits to business include:Retain your competitive edge when data governance becomes a matter-of-fact component of corporate stewardshipComply with worldwide corporate lawsGenerate accurate business intelligence and financial reportsUnderstand your business at a deeper levelDelight your customers by gaining a better understanding of their needsHandle support issues more smoothlyDeliver better 'green' programsLearn how to become a 'change agent' and break through corporate barriers

Provides the reader with a basic understanding of how an organization's Information Technology supports and enables the achievement of its strategies and objectives. This pocket guide describes the drivers for IT governance; why it matters; and, the relationship between IT governance, risk management, information risk and project governance.

Provides a general discussion and education about information security breaches, how they can be treated and what ISO27001 can offer in that regard. This book includes real-life stories of information security incidents and breaches.

Build a strategic response to cyber attacksThe activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations. Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war. It is clear that organisations need to develop a view of cybersecurity that goes beyond technology: all staff in the organisation have a role to play, and it is the senior managers who must ensure, like generals marshalling their forces, that all staff know the cyber security policies that explain what to do when under attack.Cyber crime cyber war?With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu, and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2103.About the authorsDr Andrew Vladimirovis a security researcher. His fields of expertise include network security and applied cryptography, and he has extensive experience of performing information security assessments. He and his fellow authors are the founders of Arhont Ltd, a leading information security consultancy.Konstantin Gavrilenkohas over 15 years of experience in IT and security. As a researcher, information security is his speciality, and he has a particular interest in wireless security. He holds a BSc in management science from De Montfort University and an MSc in management from Lancaster University.Andriej Michajlowskiis an expert on network security. His research interests include user and device authentication mechanisms, and wireless networking security. He has extensive experience carrying out internal and external information security assessments. He is a graduate of the University of Kent at Canterbury and he holds an MBA.Buy today, in any format. We'll send you a download link right away, or dispatch today for fast delivery to your selected destination.

A quick guide to better IT Service ManagementMany organisations rely on a mishmash of different technologies and ad hoc working practices to deliver products and services. This makes it very difficult to make changes, measure effectiveness and improve service levels.Better for you, better for your customersEmploying a structured IT Service Management system will enable your organisation to identify how to improve the service you deliver to your customers. The international standard for IT Service management is ISO/IEC 20000. Achieving compliance with this standard brings real operational benefits and shows new and potential customers that your organisation is efficient, reliable and trustworthy.The ISO/IEC 20000 standardThis pocket guide is a handy reference to the key information on ISO/IEC 20000. It features an overview of the purpose of the standard and shows how to use it. It explains qualification programmes, certification schemes and the interrelationship of ISO20000 with other standards, such as ISO27001. The overall emphasis of the guide is on ISO20000's customer-driven approach to ensure your IT service management processes align with the needs of your business.Specific benefits of ISO/IEC 20000Improve supplier relationships and establish a stronger supply chain capable of delivering on your commitments.Develop better employee coordination, and foster team spirit leading to more efficient and effective service delivery.Demonstrate the quality and reliability of your service management capability to existing and potential customers.Win new business with customer-focused organisations that make ISO/ IEC 20000 certification a requirement when awarding contracts.Ensure your IT service management processes align with the needs of your business and ultimately grow your business by improving your bottom line.This pocket guide introduces the ISO/IEC 20000 standard and explains what your organisation needs to do to achieve compliance.Make your IT service management work for your business with ISO20000

Implement Asset Management and reap the rewardsIT Asset Management (ITAM) is the set of business practices that join financial, contractual and inventory functions to support life cycle management for elements found in the business environment, namely software and hardware.Build your hardware asset listing firstSoftware is one of the most critical elements of information and communications technologies and most organisations have huge investments in software, whether internally developed or external procured. However, with a major objective of IT Asset Management usually being software licence control, it is essential to first establish a comprehensive hardware asset listing, as software is always installed on a device. Therefore, without knowing the extent of your hardware assets, you cannot be fully aware of what software is installed where, which could cause under-licensing issues.Investment will deliver a returnRewards to be gained from effectively implementing Asset Management are many and worthwhile. Although investment in an Asset Management project may not deliver an instant return, as the project starts to mature, opportunities to make savings will become apparent.IT Asset Management: A Pocket Survival Guideis a quick reference style guide, addressing such serious issues with a fresh and pragmatic approach. Aimed at IT professionals who have been tasked with putting in place Asset Management disciplines, it first provides a commonsense introduction to the key processes outlined in the Information Technology Infrastructure Library (ITIL before proceeding to explain the various milestones of an Asset Management project. It will guide the reader through:building a hardware asset listingmanaging software asset inventory effectively, so compliance with software licences is achievedhow to get senior management buy-inhow to define, enforce and control procedures to manage IT assets more effectively for maximum savings.Buy this pocket guide today and get your Asset Management project underway.

Aims to provide guidance that helps directors and boards understand important business topics of the information age. This book comes with a complimentary copy of the eBook version.