Book Reviews Archives - IT Governance Blog En

ISO 27001: A guide to implementation and auditing

Luke Irwin 28th June 2022 Book Reviews, ISO 27001 No Comments

A guide to implementing and auditing ISO 27001

An extract from ISO 27001 controls – A guide to implementing and auditing. An ideal book for anyone implementing or auditing an ISO 27001- compliant ISMS (Information Security Management System).

[Continue Reading...]

What is an EnMS (energy management system)?

Alice Baker 26th May 2022 Book Reviews No Comments

ISO 50001 – A strategic guide to establishing an energy management system

This pocket guide gives a practical but strategic overview for leadership teams of what an energy management system (EnMS) is and how implementing one can bring added value to an organisation. It is not a ‘how to’ book but explains why starting …

[Continue Reading...]

A breakdown of the GDPR’s six data processing principles

Alice Baker 28th January 2020 Book Reviews, GDPR No Comments

EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide, Third edition

Chapter 2 of EU GDPR - An Implementation and Compliance Guide, give a breakdown of the GDPR’s six data processing principles. Read the extract here.

[Continue Reading...]

ISO/IEC 27701 and the privacy information management system requirements

Alice Baker 22nd January 2020 Book Reviews No Comments

ISO/IEC 27701:2019 is the international standard for privacy information management. It is structured in the same way as ISO/IEC 27001 – hence from the establishment of the privacy information management system (PIMS) through to its review and adaptation. There are …

[Continue Reading...]

GDPR compliance and managing personal data internationally

Alice Baker 8th January 2020 Book Reviews, GDPR No Comments

Chapter 13 of EU GDPR - An Implementation and Compliance Guide, breaks down compliance and managing personal data internationally. Read the extract here.

[Continue Reading...]

NIS Directive – The EU’s Directive on security of network and information systems

Alice Baker 18th November 2019 Book Reviews No Comments

The EU’s Directive on security of network and information systems (NIS Directive) is part of the legislated response to these threats. It aims to establish a “high common level of security of network and information systems across the Union” (NIS …

[Continue Reading...]

The psychology of compliance

Alice Baker 4th November 2019 Book Reviews No Comments

The human decision-making process is the preferred subject of psychologists and economists. Historically, they adopted an approach of viewing human behaviour as regular and highly predictable.

[Continue Reading...]

Develop better cyber security by taking a wider view of the threats

Alice Baker 30th October 2019 Book Reviews, Other Blogs No Comments

To combat an increase in cybersecurity vulnerabilities as a result of this ever-increasing connectivity, organizations should shift their approach to focus on protecting the valuable information, rather than limiting their efforts on hardening information system endpoints.

[Continue Reading...]

Protect your organisation by building a security-minded culture

Alice Baker 23rd October 2019 Book Reviews, Other Blogs 1 Comment

In Build a Security Culture, security consultant and trainer Kai Roer discusses the human and cultural factors in organisational security, and explains how to ensure your organisation is set up to manage and deter malicious intrusions and threats based on common human vulnerabilities. Here is an extract taken from chapter 7 of …

[Continue Reading...]

A concise guide to PCI DSS v3.2.1

Alice Baker 27th September 2019 Book Reviews, PCI DSS No Comments

All target dates for compliance with the PCI DSS have long since passed. The Standard is now on its third version, with the fourth in development with a predicted release date of Q4 2020. It is likely that v3.2.1 will …

[Continue Reading...]