

Web Page sponsored by IT Governance


IT Governance is a unique organisation.

We source, create and deliver products and services to meet the real-world, evolving IT governance needs of today’s organizations, directors, managers and practitioners. Our objective is to make this site the one-stop-shop for comprehensive corporate and IT governance information, advice, guidance, books, tools, training and consultancy.

We have been involved in designing, and successfully implementing, cost-effective BS 7799/ISO 27001 information security management systems since the standard was first promulgated. We write and publish extensively on IT governance subjects, including IT service management, project governance, regulation and compliance, and have evolved a range of leading-edge tools for IT governance, information security and regulatory compliance practitioners, available through the online shop on this site.

We approach IT governance, regulatory compliance and information security issues from a management perspective and are committed to engaging business leaders in developing and implementing information, ICT regulatory compliance and information security strategies that enable their businesses to compete effectively in the global information economy.

IT Governance Ltd
t:+ 44 (0) 8450 701750
d:+ 44 (0) 1353 771068
f:+ 44 (0) 1353 662667

03 May 11. Why is the ISO27001 Internal Auditor important? The ISO/IEC 27001:2005 Information Security standard has become the de facto specification and best practice framework, ensuring that organisations worldwide secure their confidential information assets and maintain their competitive position. The role of an Internal Auditor in an organisation is crucial to continued compliance with ISO27001 and in making sure that the internal information security requirements are maintained. Reviewing the effectiveness of security controls and recommending suitable modifications are at the heart of the continual process improvement of any successful Information Security Management System (ISMS). In addition to ensuring that the ISMS meets the needs of the organisation, the Internal Auditor can also audit third-party suppliers and partners to ensure that they have adequate information security controls in place.

03 May 11. ISO27001 ISMS Internal Auditor Training Course – 19-20 May 2011. The ISO27001 ISMS Internal Auditor Training Course is designed to prepare delegates to fulfil the duties of an Internal Auditor to fully audit compliance with ISO27001 and against the controls contained in the related ISO27002 Best Practice standard. Using the principles based on the ISO 19011:2002 internal audit best practice, this course offers complete guidance for information security management systems auditing and includes the following:
* Securing agreement of the goals for individual audits within an audit programme;
* Reducing duplication of effort when conducting combined information security audits;
* Ensuring audit reports follow the best format and contain all the relevant information;
* Evaluating the competence of members of an audit team against appropriate criteria.
Ensure your organisation maintains compliance with ISO27001 and continually improves the management of its information security.
Book on the ISO27001 ISMS Internal Auditor Training Course now.
If your organisation is not yet compliant with ISO27001, we recommend that you consider attending the ISO27001 Certified ISMS Lead Implementer course which is designed to provide a complete solution to achieving compliance and implementing best practice.
Use BS25999 to develop a Business Continuity Plan that actually works

03 May 11. Will your current Business Continuity or Disaster Recovery Plan really do the job? With the ever increasing operational risks, many UK private and public sector organisations have developed a Business Continuity or Disaster Plan to enable them to recover from
