IT Governance: An international guide to data security and ISO 27001/ISO 27002

IT Governance Publishing · Alan Calder · Steve G Watkins

Jul 2025 · Packt Publishing Ltd

Ebook

486

Pages

Ratings and reviews aren’t verified Learn More

About this ebook

An in-depth guide to IT governance that explores security threats, risk management, and regulatory compliance. This book covers key frameworks like ISO 27001 and provides actionable steps to protect organizational information.Key Features

In-depth coverage of IT governance and security frameworks
Practical steps to implement ISO 27001 and risk management strategies
Real-world scenarios to help professionals secure their IT environments

Book DescriptionIn the modern digital landscape, information security has never been more critical. This book introduces readers to the essential components of IT governance, focusing on frameworks like ISO 27001 and strategies for managing risks in today's complex information economy. The content explores key topics like cybersecurity, risk management, information security policies, and compliance with international standards. As you progress, you’ll learn to navigate the challenges of organizing and maintaining a secure IT environment, with insights into compliance regulations, security frameworks, and governance codes. The book provides hands-on guidance on applying security controls, setting up robust information security policies, and evaluating risks. Real-world scenarios and practical applications ensure the knowledge gained is immediately applicable to professional environments. The journey culminates in an understanding of how to integrate IT governance within an organization. You’ll learn to assess vulnerabilities, implement risk management strategies, and ensure that security measures align with both business goals and regulatory requirements. The book equips readers with the tools needed to strengthen IT systems against evolving threats and to stay ahead in the information security landscape.What you will learn

Assess and manage IT risks effectively
Handle security incidents and breaches
Understand regulatory compliance requirements
Develop security policies for the organization
Use risk management tools and techniques
Integrate security across various organizational functions

Who this book is for

This book is designed for IT professionals, information security managers, and those responsible for cybersecurity in organizations. It is ideal for those looking to enhance their knowledge of IT governance and information security management. A background in IT systems and security concepts will help, as the book delves into advanced topics such as ISO 27001 certification, risk assessment, and compliance with governance codes. It's also perfect for professionals preparing for roles in IT governance or seeking to improve their organization's information security posture.

About the author

IT Governance Publishing (ITGP) is the world's only specialist IT governance publisher. We produce books, toolkits and training aids on a wide range of topics including information security, IT governance, information risk, compliance, cyber security, IT service management, project management and management system standards.

Alan Calder is the Group CEO of GRC International Group PLC, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international Cyber Security Guru, and a leading Author on Information Security and IT Governance issues. He has been involved in the development of a wide range of Information Security Management training courses that have been accredited by IBITGQ (International Board for IT Governance Qualifications). Alan has consulted for clients across the globe and is a regular Media Commentator and Speaker.

Steve G Watkins is an executive director at GRC International Group plc. He is a contracted technical assessor for UKAS – advising on its assessments of certification bodies offering ISMS/ISO 27001 and ITSMS/ISO 20000-1 accredited certification and also undertakes information security assessments of forensic science laboratories seeking accreditation to the Forensic Science Regulator's codes of practice and conduct. Steve is a member of ISO/IEC JTC 1/SC 27, the international technical committee responsible for information security, cyber security and privacy protection standards, where he is a co-editor of ISO/IEC 27006-1. He chairs IST 33, the UK national standards body's technical committee that mirrors SC 27, and is a member of the European Commission's Stakeholder Cybersecurity Certification Group (SCCG). Steve started working with ISMS standards in 1997. He has since supported a wide range of training and consultancy clients working with ISO/IEC 27001, including globally recognised brands, public-sector organisations and a wide selection of SMEs. Steve was a director of IT Governance Ltd from 2008 and on the board of GRC International Group PLC through to May 2021.

Rate this ebook

Tell us what you think.

Reading information

Smartphones and tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and computers

You can listen to audiobooks purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like Kobo eReaders, you'll need to download a file and transfer it to your device. Follow the detailed Help Center instructions to transfer the files to supported eReaders.

Report illegal content