【2019.10】IT治理：資料安全國際指南與ISO 27001/ISO 27002 IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002 7th Edition，共360頁。

面對越來越多的懲罰性資訊和隱私相關法規的合規性要求，以及對資訊保安威脅的不斷擴散，迫切需要將IT治理應用於最佳實踐。

Faced with the compliance requirements of increasingly punitive information- and privacy-related regulation, as well as the proliferation of complex threats to information security, there is an urgent need for organizations to adopt IT governance best practice.

IT治理是各種規模和跨行業組織管理者的關鍵國際資源，它涉及資訊保安的戰略和運營方面。

IT Governance is a key international resource for managers in organizations of all sizes and across industries, and deals with the strategic and operational aspects of information security.

現在，在第七版中，暢銷的IT治理為希望保護和增強其資訊保安管理系統（ISMS）並保護自己免受網路威脅的公司提供了指導。

Now in its seventh edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems (ISMS) and protect themselves against cyber threats.

新版本包括全球法規的變化，特別是GDPR，以及ISO/IEC 27000系列標準、BS 7799-3:2017（資訊保安風險管理）和最新審計標準的更新。

The new edition covers changes in global regulation, particularly GDPR, and updates to standards in the ISO/IEC 27000 family, BS 7799-3:2017 (information security risk management) and the latest standards on auditing.

還包括有關ISMS的開發和實施建議，該ISMS將滿足ISO 27001規範，以及如何考慮特定行業標準。

It also includes advice on the development and implementation of an ISMS that will meet the ISO 27001 specification and how sector-specific standards can and should be factored in.

利用風險評估、合規性、裝置和運營安全、惡意軟體控制和資產管理等資訊，IT治理是實施有效資訊保安管理和治理系統的最終指南。

With information on risk assessments, compliance, equipment and operations security, controls against malware and asset management, IT Governance is the definitive guide to implementing an effective information security management and governance system.

更多精彩文章請關注微訊號：