Governance and Internal Controls for Cutting Edge IT

Book Description

IT security risks are constantly changing, so how do we stay ahead?

To remain competitive we rely on being early adopters of new technologies — but there are inherent risks. As we implement these technologies, how do we manage the risks without hindering the progress of the business?

In Governance and Internal Controls for Cutting Edge IT, Karen Worstell explains strategies and techniques to guide IT managers as they implement cutting edge solutions for their business needs. Based on practical experience and real-life models, she covers key principles and processes for the introduction of new technologies and examines how to establish an appropriate standard of security and control, particularly in the context of the COBIT 5 framework and affiliated standards.

This book will enable you to:

  • Optimize your resources by making the most of the potential benefits, and being aware of the potential risks, of your IT provision.
  • Improve your stakeholder relationships by enhancing your service management and delivery through the application of appropriate standards.
  • Apply security and control methods that are suitable for your business.
  • Maximize the opportunities that are presented by compliance legislation and regulations.
  • Manage your data storage, data recovery and data migration, particularly in the context of the Cloud.
  • Ensure business continuity in the face of an incident, and implement strategies to cover the risk of business interruption when using the Cloud.

Table of Contents

  1. Cover
  2. Title
  3. Copyright
  4. Acknowledgements
  5. Contents
  6. Introduction
    1. What is the Cloud and Cutting Edge IT?
    2. A Growing Gap
    3. Disruptive Innovation
    4. Impact of Disruptive Events
    5. Looking Forward
    6. Rate of Change and Compliance
    7. Focus of this Text
    8. The Basics are Familiar
    9. Organization of the Book
  7. Chapter 1: Cutting Edge IT
    1. Baseline of Capability
    2. Internet of Things
    3. Mobile Computing
    4. Social Media Driven Business
    5. Big Data
    6. Crowdsourcing
    7. Virtual Life, Alone Together
    8. Cloud Computing
  8. Chapter 2: Governance
    1. IT Governance Concepts and Principles
    2. Evaluating, Directing, and Monitoring
  9. Chapter 3: Legislative and Regulatory Compliance Concerns
    1. Overview of the Regulatory and Statutory Landscape
    2. An Historical Legislative Overview
  10. Chapter 4: Getting the Business Case Right
    1. A Cost Model For Emerging Technology is Essential
    2. When the Case “For” is Compelling
    3. Can Caution be Quantified?
    4. Putting Together the Cost Model and Business Case
    5. Holistic Qualitative Cost Model Approach
    6. Business Case Structure for Innovative IT
    7. The Approach to Addressing the Business Need
    8. Cost
    9. Alternatives Analysis
  11. Chapter 5: Service Level Management
    1. Overview of ISO/IEC 20000
    2. Overview of Information Technology Infrastructure Library (ITIL® V3)
  12. Chapter 6: Security and Control Approach
    1. Risk Assessment vs. a Baseline Approach
    2. New Technology Adoption Principles of IT Security
    3. Extending the CIA Triad
    4. A Baseline Security Approach
    5. Using ISO27001/2 as a Baseline
  13. Chapter 7: Data Management
    1. Data Protection for Cutting Edge IT
  14. Chapter 8: Business Continuity and Recovery
    1. Business Continuity for Cutting Edge IT
  15. Chapter 9: Secure IT-Enabled Organizations
    1. Good Controls Create Value
    2. The Key to Success for IT-Enabled Change
  16. Bibliography
  17. ITG Resources