07th October 2008
ISO27001 is an essential tool for anybody in IT. Here’s why: ‘information overload’ and ‘data insecurity’ today are commonplace complaints. Computers are ubiquitous, communication can be globally instantaneous, and someone else can get a credit ...
07th October 2008
A high-level understanding of key project management approaches and methodologies is helpful to anyone understand the different possible levels with which IT and business projects can be approached; the success or failure of projects will, to a large exte...
07th October 2008
The ITILv3 Chief Examiner and the ITIL Qualifications Board released their final guidance on the new ITILv3 qualification scheme in November 2007. Since then, some there have been some 26,000 people sit the ITILv3 Foundation Certificate exam, which is tho...
20th June 2008
The Payment Card Industry Data Security Standard (PCI DSS) looks as though it is a single, international data security standard and, on the face of it, that’s exactly what it is. The truth, however, is in the detail of implementation and surveillance: i...
21st May 2008
Executives who claim that their organizations comply with ISO 27001 but that they see no need to go through the bureaucracy of getting the ‘badge on the wall’ are only deceiving themselves. The reality, I suspect, is that most of organizations that wo...
21st May 2008
After twelve months of increasingly dramatic press headlines about failures to safeguard personal data records, it’s time to assess the size of the issue and identify best practice steps for reducing the incidence of, and damage caused by, these data br...
20th May 2008
In today’s business and legal climate the topic of Electronic Discovery is top of many organizational agendas, as ignorance in this particular subject is no longer bliss. Electronic discovery (also called e-discovery) refers to any process in which elec...
07th May 2008
After twelve months of increasingly dramatic press headlines about failures to safeguard personal data records, it’s time to assess the size of the issue and identify best practice steps for reducing the incidence of, and damage caused by, these data br...
10th April 2008
In today’s high technology environment, organizations are becoming increasingly dependant upon their information systems. Information is widely regarded as the life blood of the modern enterprise. And, consequently, the security controls surrounding the...
22nd January 2008
Risk assessment is a core competence of information security management. A recent question and answer exchange goes to the nub of how risk appetite and an organization’s risk acceptance criteria should be approached.
The question was:
‘ISO27001 ...
20th July 2006
'ITIL' is a term that is fast gaining currency around the IT world. It is often wrongly described as 'IT governance' – in fact, on its own, it certainly isn't this. ITIL is a collection of best practices that helps companies implement an IT Service Manag...
09th June 2006
In today's fast-changing information economy, IT project governance (http:// www.itgovernance.co.uk/page.proj_gov ) has emerged as one of the most vital corporate responsibilities. The relentless pressure to innovate whilst simultaneously driving down cos...
