Please use the links above to find what you were looking for.
You may not have been able to visit your page because of:
1. An out-of-date bookmark/favourite
2. A search engine that has an out-of-date listing
3. A mistyped address
4. You have no access to this page
5. The requested resource was not found.
6. An error has occurred while processing your request.
“It’s practical approach to various aspects of the GDPR will be of value to DP practitioners in organisations of all sizes”
Laura Linkomies
The Regulation, which came into force on 25 May 2018, applies to all data controllers and processors that handle EU residents’ personal information.
All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover – whichever is greater.
This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties.
Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law. It explains the Regulation and sets out the obligations of data processors and controllers in terms you can understand.
Topics covered include:
New in the second edition are:
The GDPR will have a significant impact on organisations’ data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you what you need to do to comply with the new law.
IT Governance is a leading global provider of IT governance, risk management and compliance expertise. We pride ourselves on delivering a broad range of integrated, high-quality solutions that meet the real-world needs of our international client base.
Our privacy team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, our understanding of the background and drivers for the GDPR, and the input of our fast-growing team of consultants and trainers are combined in this manual to provide the world’s first guide to implementing the new data protection regulation.
Written by an acknowledged expert on the new ISO27001 Standard, An Introduction to Information Security and ISO27001:2013 is the ideal resource for anyone wanting a clear, concise, and easy-to-read primer on information security. It will ensure the systems you put in place are effective, reliable, and auditable.
This pocket guide will help you to:
Contact us if you are looking for the ISO27001:2005 edition.
There are two core PRINCE2® 2009 books:
An Introduction to PRINCE2®: Managing and Directing Successful Projects, 2009 edition provides a high-level introduction to the updated PRINCE2® method, and covers both the Managing and Directing PRINCE2® publications.
An Introduction to PRINCE2®: Managing and Directing Successful Projects, 2009 edition:
Click to expand full contents »
1. Introduction
1.1 Purpose of this guide
1.2 Where do projects fit in?
1.3 What is a project?
1.4 What is project management?
1.5 What is PRINCE2?
1.6 PRINCE2 in context
1.7 Structure of this guide
1.8 Related OGC guidance
2. The PRINCE2 principles
2.1 Continued business justification
2.2 Learn from experience
2.3 Defined roles and responsibilities
2.4 Manage by stages
2.5 Manage by exception
2.6 Focus on products
2.7 Tailor to suit the project environment
3. Themes
3.1 Business Case
3.2 Organization
3.3 Quality
3.4 Plans
3.5 Risk
3.6 Change
3.7 Progress
4. Processes
4.1 The PRINCE2 journey
4.2 Starting up a Project
4.3 Initiating a Project
4.4 Controlling a Stage/Managing Product Delivery
4.5 Managing a Stage Boundary
4.6 Closing a Project
5. Project Board duties and behaviours
5.1 The role of senior management in PRINCE2
5.2 Be accountable for the project
5.3 Provide unified direction
5.4 Delegate effectively
5.5 Facilitate cross-functional integration
5.6 Commit resources
5.7 Ensure effective decision making
5.8 Support the Project Manager
5.9 Ensure effective communication
6. Tailoring PRINCE2 to the project environment
6.1 Tailoring PRINCE2 for projects in a programme environment
6.2 Tailoring PRINCE2 according to project scale
Appendix A: Product Description outlines
A.1 Benefits Review Plan
A.2 Business Case
A.3 Checkpoint Report
A.8 End Project Report
A.9 End Stage Report
A.10 Exception Report
A.11 Highlight Report
A.13 Issue Report
A.15 Lessons Report
A.16 Plan
A.17 Product Description
A.19 Project Brief
A.20 Project Initiation Documentation
A.21 Project Product Description
A.26 Work Package
Further information
Glossary
Index
Please note
We also offer The Official PRINCE2®:2009 Book Bundle, which enables you to purchase the core official PRINCE2®:2009 books together at a reduced price.
Web application vulnerabilities are a common point of intrusion for cyber criminals. As cybersecurity threats proliferate and attacks escalate, and as applications play an increasingly critical role in business, organizations urgently need to focus on web application security to protect their customers, their interests, and their assets.
Although awareness of the need for web application security is increasing, security levels are nowhere near enough: according to the 2015 Trustwave Global Security Report, 98% of tested web applications were vulnerable to attack.
SMEs in particular should be very concerned about web application security: many use common, off-the-shelf applications and plugins—such as Internet Explorer, Java, Silverlight, and Adobe Reader and Flash Player—which often contain exploitable vulnerabilities.
Application Security in the ISO 27001:2013 Environment explains how organizations can implement and maintain effective security practices to protect their web applications—and the servers on which they reside—as part of a wider information security management system by following the guidance set out in the international standard for information security management, ISO 27001.
The book describes the methods used by criminal hackers to attack organizations via their web applications and provides a detailed explanation of how you can combat such attacks by employing the guidance and controls set out in ISO 27001.
Order Application Security in the ISO27001 Environment to secure your web applications today.
The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations. Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war. It is clear that organizations need to develop a view of cybersecurity that goes beyond technology: all staff in the organization have a role to play, and it is the senior managers who must ensure, like generals marshaling their forces, that all staff know the cybersecurity policies that explain what to do when under attack.
With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.
Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2103.
Additional information
Click here to view a sample of the book >>