【2019.10】IT治理：数据安全国际指南与ISO 27001/ISO 27002 IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002 7th Edition，共360页。

面对越来越多的惩罚性信息和隐私相关法规的合规性要求，以及对信息安全威胁的不断扩散，迫切需要将IT治理应用于最佳实践。

Faced with the compliance requirements of increasingly punitive information- and privacy-related regulation, as well as the proliferation of complex threats to information security, there is an urgent need for organizations to adopt IT governance best practice. 

IT治理是各种规模和跨行业组织管理者的关键国际资源，它涉及信息安全的战略和运营方面。

IT Governance is a key international resource for managers in organizations of all sizes and across industries, and deals with the strategic and operational aspects of information security.

现在，在第七版中，畅销的IT治理为希望保护和增强其信息安全管理系统（ISMS）并保护自己免受网络威胁的公司提供了指导。

Now in its seventh edition, the bestselling IT Governance provides guidance for companies looking to protect and enhance their information security management systems (ISMS) and protect themselves against cyber threats. 

新版本包括全球法规的变化，特别是GDPR，以及ISO/IEC 27000系列标准、BS 7799-3:2017（信息安全风险管理）和最新审计标准的更新。

The new edition covers changes in global regulation, particularly GDPR, and updates to standards in the ISO/IEC 27000 family, BS 7799-3:2017 (information security risk management) and the latest standards on auditing. 

还包括有关ISMS的开发和实施建议，该ISMS将满足ISO 27001规范，以及如何考虑特定行业标准。

It also includes advice on the development and implementation of an ISMS that will meet the ISO 27001 specification and how sector-specific standards can and should be factored in. 

利用风险评估、合规性、设备和运营安全、恶意软件控制和资产管理等信息，IT治理是实施有效信息安全管理和治理系统的最终指南。

With information on risk assessments, compliance, equipment and operations security, controls against malware and asset management, IT Governance is the definitive guide to implementing an effective information security management and governance system.

更多精彩文章请关注微信号：