Reconsider how you view compliance – and your business will reap the rewards!
A must-have book for anyone who is looking to develop awareness and deeper insight into IT controls, strategies and techniques to solve compliance challenges!
What does 'compliance' mean to you? Is it a burden, a box-ticking exercise, or a way to avoid the penalties of non-compliance? Or do you see the opportunities it presents for your business?
In Compliance by Design, Chong Ee will show you how your organisation can benefit from becoming compliant with the relevant national and international standards. You will discover how integrating controls into your processes will improve your security, increase your productivity, save you time and money, and increase your profits.
Drawing on personal experience and using up-to-date, practical examples, the book considers the elements and principles of controls, and offers strategies to put them in place. It will show you how to:
Moving away from traditional efforts
Traditional efforts in attaining or sustaining IT compliance employ an outside-looking-in approach, characterised by capturing varied compliance requirements and/or frameworks and applying these within the organisation. This book advocates an inside-looking-out approach, emphasising fundamental ideas of good control design as the basis for developing effective and sustainable IT compliance strategies.
Tools and techniques
Intended to arm you with the tools and techniques to put in place the right system of internal controls, the focus is on IT controls, but with plenty of references to business and entity controls, too.
What others are saying about this book ...
'As the title implies, Chong Ee offers the reader a "Journey to unravel the essence of IT Controls." The book moves quickly and raises a lot of thought-provoking questions, providing windows into compliance: Elements, Principles and Strategies. Not a classic check list of controls, this book encourages thinking, which I see as very beneficial when designing IT controls. It is well worth the read.'
Michael P Cangemi CPA, Author of Managing the Audit Function and former long-time Editor-in-Chief of the ISACA Journal
Buy this book and see how compliance can work for you!
Table of contents
Part I: Elements
- Chapter 1: People
- Chapter 2: Data
- Chapter 3: Objectives
- Chapter 4: Systems
- Chapter 5: Activities
- Chapter 6: Risks
Part II: Principles
- Chapter 7: Proximity
- Chapter 8: Alignment
- Chapter 9: Coupling
- Chapter 10: Balance
- Chapter 11: Resilience
Part III: Strategies
- Chapter 12: Finding the Glue
- Chapter 13: Connecting the Dots
- Chapter 14: Laying the Foundation
- Chapter 15: Managing the Interface
- Chapter 16: Embedding into Process
- Chapter 17: Breaking the Cycle
- Chapter 18: Building Momentum
Part IV: Action
ITG Resources
- Title: Compliance by Design: IT Controls that Work
- Release date: September 2011
- Publisher(s): IT Governance Publishing
- ISBN: 9781849282970