Asia
Select regional store:

We're sorry but that page cannot be found

Please use the links above to find what you were looking for.

You may not have been able to visit your page because of:

   1. An out-of-date bookmark/favourite
   2. A search engine that has an out-of-date listing
   3. A mistyped address
   4. You have no access to this page
   5. The requested resource was not found.
   6. An error has occurred while processing your request.

Are you looking for:

EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide, Second Edition

An in-depth guide to the changes your organisation needs to make to comply with the EU GDPR.

 

“It’s practical approach to various aspects of the GDPR will be of value to DP practitioners in organisations of all sizes”

Laura Linkomies

Privacy Laws and Business Report, September 2017

 

The Regulation, which came into force on 25 May 2018, applies to all data controllers and processors that handle EU residents’ personal information.

All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover – whichever is greater.

This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties.

Look inside this book here >>

 

Product overview

Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law. It explains the Regulation and sets out the obligations of data processors and controllers in terms you can understand.

Topics covered include:

  • The data protection officer (DPO) role, including whether you need one and what they should do;
  • Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct one;
  • Data subjects’ rights, including consent and the withdrawal of consent, subject access requests (SARs) and how to handle them, and data controllers and processors’ obligations;
  • International data transfers to ‘third countries’, including guidance on adequacy decisions and appropriate safeguards, the EU-US Privacy Shield, international organisations, limited transfers and Cloud providers;
  • How to adjust your data protection processes to comply with the GDPR, and the best way of demonstrating that compliance; and
  • A full index of the Regulation to help you find the articles and stipulations relevant to your organisation.

New in the second edition are:

  • Additional definitions;
  • Further guidance on the DPO role;
  • Greater clarification on data subjects’ rights;
  • Extra guidance on DPIAs;
  • More detailed information on SARs;
  • Clarification of consent and alternative lawful bases for processing personal data; and
  • An implementation FAQ appendix.

The GDPR will have a significant impact on organisations’ data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you what you need to do to comply with the new law.

 

About the authors

IT Governance is a leading global provider of IT governance, risk management and compliance expertise. We pride ourselves on delivering a broad range of integrated, high-quality solutions that meet the real-world needs of our international client base.

Our privacy team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, our understanding of the background and drivers for the GDPR, and the input of our fast-growing team of consultants and trainers are combined in this manual to provide the world’s first guide to implementing the new data protection regulation.

 

An Introduction to Information Security and ISO 27001 (2013) A Pocket Guide, Second Edition

The ideal primer for anyone implementing an Information Security Management System (ISMS)

Written by an acknowledged expert on the new ISO27001 Standard, An Introduction to Information Security and ISO27001:2013 is the ideal resource for anyone wanting a clear, concise, and easy-to-read primer on information security. It will ensure the systems you put in place are effective, reliable, and auditable.

This pocket guide will help you to:

  • Make informed decisions
    Using this guide will enable the key people in your organization to make better decisions before embarking on an information security project.
  • Ensure everyone is up to speed
    Use this guide to give the non-specialists on the project board and in the project team a clearer understanding of what the project involves.
  • Raise awareness among staff
    Use this guide to make sure your people know what is at stake with regard to information security and understand what is expected of them.
  • Enhance your competitiveness
    Use this guide to let your customers know that the information you hold about them is managed and protected appropriately.

Buy this pocket guide and learn how you can keep your information assets secure.

Contact us if you are looking for the ISO27001:2005 edition.

About the Author

Steve G. Watkins managed the world’s first successful BS7799 (the forerunner of ISO27001) implementation project and leads the consultancy and training services of IT Governance Ltd. He is Chair of the ISO/IEC 27001 User Group, the UK Chapter of the ISMS International User Group, and an ISMS Technical Assessor for UKAS, advising on their assessments of certification bodies offering accredited certification. He has over 20 years’ experience managing integrated management systems, including maintenance of Information Security, Quality, Environmental and Investor in People certifications. His experience includes senior management positions in both the public and private sectors.

             



To hear about new books and exclusive offers from IT Governance Publishing, sign up and select 'Books' from the New Products options.

BS 10012:2017 +A1 2018 - Specification for a personal information management system (PIMS)

Data protection compliance with BS 10012:2017 +A1 2018

The BS 10012:2017 +A1 2018 specification provides a framework to manage the risks to the privacy of personal data and implement the necessary policies, procedures and controls to help ensure compliance with the GDPR. It is designed to follow the plan-do-check-act cycle (PDCA) to ensure continual improvement.

View table of contents >>

The benefits of a BS 10012:2017 +A1 2018 personal information management system

  • Identify risks to personal information and put controls in place to mitigate them
  • Use as part of a privacy compliance framework to demonstrate compliance with the GDPR
  • Gain stakeholder and customer trust that their personal data is protected
  • Safeguard your organisation’s reputation and avoid adverse publicity
  • Benchmark your personal information management practices against recognised best practice
Information Security Breaches - Avoidance and Treatment based on ISO27001, Second Edition

What if you suffer an information security breach?

Many books explain how to reduce the risk of information security breaches. Nevertheless, breaches do occur, even to organizations that have taken all reasonable precautions. Information Security Breaches – Avoidance and treatment based on ISO 27001:2013 helps you to manage this threat by detailing what to do as soon as you discover a breach.


Be prepared, be prompt, be decisive

When your organization’s security is compromised, you cannot afford to waste time deciding how to resolve the issue. You must be ready to take prompt and decisive action. Updated to cover ISO 27001:2013, this second edition gives you clear guidance on how to treat an information security breach and tells you the plans and procedures you have to put in place to minimize damage and return to business as usual.


A recovery plan will help you to:

  • Recover, and resume normal operations, more quickly
  • Preserve customer confidence by quickly resolving service disruption
  • Secure evidence to help with any criminal investigation and improve your chances of catching those responsible.

About the Author

Michael Krausz is an IT expert and experienced professional investigator. He has investigated over a hundred cases of information security breaches. Many of these cases have concerned forms of white-collar crime. He studied physics, computer science, and law at the University of Technology in Vienna, and at Vienna and Webster Universities. He has delivered over 5000 hours of professional and academic training and has provided services in eleven countries to date.


This website uses cookies. View our cookie policy
Loading...