This book provides practical guidance that helps directors and boards master the most important business topic of the information age - and comes complete with a complimentary copy of the eBook version.
This book is an essential read for those sitting on the board of any organisation that wants to secure its information, its intellectual property and its competitive advantage.
Written for a non-technical, commercially-minded audience, this book offers a comprehensive introduction to the critical subject of IT governance.
Your business will stand or fall on the quality of its IT governance. Information technology can enable you to improve your operations and cut costs. And by changing the way you deal with your customers, IT may even have the potential to transform your entire business.
However, IT involves an element of risk. For the sake of your bottom line, these risks are something your company needs to be capable of managing.
IT governance generally enjoys less board understanding and commitment than corporate governance. However, the reality is that the IT function is vital to the running of your business and so IT governance too requires leadership from the top.
Information security breaches have the potential to alienate your customers and to damage your company's reputation. The consequences of cyber crime could cripple your business with heavy financial losses. Failure to comply with the information security requirements of corporate governance codes may even cause your company to be denied a presence in entire countries.
The road to information security goes through corporate governance. This means that information security has to be a specific board-agenda item, and a priority at CEO level.
While you can easily judge how much a factory is worth, some of your company's most important assets may be the intangible ones. The real worth of your company is a matter of its intellectual capital - such as patents, designs and databases - as well as the sites and machinery in its possession.
This kind of information is held on computer systems. So your company needs to be as serious about protecting its digital information from industrial espionage and cybercrime as it is about protecting its warehouses from robbery and arson.
Having an effective IT governance framework in place will help you to safeguard your company against an information security breach. At the same time, your IT governance framework can open doors for your business.
By ensuring that your IT systems are properly integrated with your business, and in harmony with your overall business goals, your company will be in a far better position to drive through changes and improvements. Establishing an IT governance framework is essential for the success both of IT projects and for the larger projects that need support from across the whole organisation.
Alan Calder, the founder and executive chairman of IT Governance Ltd, is an internationally acknowledged cyber security expert, and a leading author on information security and IT governance issues.
He co-wrote the definitive compliance guide IT Governance: An International Guide to Data Security and ISO27001/ISO27002, which is the basis for the Open University’s postgraduate course on information security, and has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). Alan has consulted on data security for numerous clients in the UK and abroad, and is a regular media commentator and speaker.