Information Governance

Gain confidence in regulatory compliance, drive effective infotech investment, and uplift organizational knowledge for effective data governance. Based on the authors’ extensive experience and reinforced with case studies, this book presents their award-winning framework of business tools and techniques. It provides a 4-point strategy for achieving business-driven information governance aligned with business risk management to ensure the delivery of quality and reliable information. Master a structured approach to sharing knowledge and defining business terms by removing ambiguous ...

Are you ready to revolutionize your organization’s approach to cybersecurity and learn GRC? In a world where threats evolve faster than ever, achieving robust Governance, Risk Management, and Compliance (GRC) is no longer optional—it’s essential. Yet, countless organizations struggle to bridge the gap between lofty compliance standards and practical implementation. Imagine having a proven roadmap that transforms the complexities of cybersecurity frameworks into a clear, actionable plan tailored to your organization’s unique needs while giving you a practical understanding of GRC. ...

If CISSP feels like a wall of terms, this book turns it into a system you can actually use. The CISSP exam rewards judgment, priorities, and risk-based decision-making. This guide helps you think the way CISSP expects across all eight domains, without drowning you in fluff. What you’ll get inside: Clear, plain-English explanations of core CISSP concepts Mental models that connect the domains so the material stops feeling random The CISSP manager mindset: risk, policy, governance, and business impact How to spot what the question is really asking Common traps and why smart people miss them...

If you are preparing for the ISACA CISA exam and juggling a full schedule, you need an approach that is focused, practical, and repeatable. CISA For Busy People is built to help you study with purpose. It emphasizes exam-ready decision making across the CISA domains, using clear explanations and realistic audit context so you can retain what matters and answer confidently. What you will get in this book: A practical roadmap for how to think through CISA-style questions Plain-language explanations of audit, risk, and control concepts Guidance on audit planning, fieldwork, evidence, and ...

CISM questions are designed to test manager-level judgment. They often present realistic situations where multiple responses sound reasonable, and the difference between a pass and a frustrating miss comes down to priorities: what comes first, what should be formalized, who owns the decision, and what aligns best to governance and business objectives. CISM Flash Cards is built to train that thinking through repetition. This book includes 1,000 digital flash cards designed for daily drills and rapid review. The cards reinforce the language and core concepts across the four CISM domains: ...

"Information Security for CRO: Master Cyber Risk in Just 6 Hours!" is a crucial resource for Chief Risk Officers and senior leaders navigating the increasingly complex landscape of cybersecurity. Designed as an executive-level guide, it provides a fast-paced and efficient learning journey, condensing years of cybersecurity expertise into approximately six hours of focused study. This allows CROs to quickly grasp essential concepts and implement practical strategies for mitigating cyber risks, all while avoiding technical overload. The book equips readers with actionable insights and ...

Conquer the AHIMA RHIA Exam delivers a fast-paced, audiobook-friendly review of the essential knowledge required for success as a Registered Health Information Administrator. In under ninety minutes, this focused guide explains the full scope of health information management—combining data governance, compliance, leadership, and informatics into one seamless overview. This concise study resource covers every major RHIA domain, including information governance, health data management, analytics, privacy and security, revenue cycle oversight, regulatory compliance, and organizational ...

Just because we can do something, does that mean we should do it? While embracing the promise of technological advances and data-driven decision-making, a democratic society also must acknowledge and address potential harms to individuals, populations, and society as a whole. In this data ethics “playbook,” data governance practitioner and educator Kathy Rondon lays out potential problems in our collection, sharing, use, and retention of data; how those problems can negatively impact more than just an individual person’s privacy; and the questions we should be asking of ourselves and ...

Navigating the complex terrain of SOC2 compliance can be a daunting task. "A Step-by-Step Guide to SOC2 Type 1 Attestation and Type 2 Certification" is your trusted companion on this journey, offering a comprehensive, accessible, and practical roadmap to achieving and maintaining SOC2 compliance. Penned by renowned information security expert, Russell D. Nomer, CISSP, this guide leverages over 30 years of experience and delivers invaluable insights in an engaging and reader-friendly manner. From understanding the importance of SOC2 attestation to conducting successful audits and mitigating ...

Organizations need governance documents; those policies, procedures, and other written rules that tell the organization and employees what to do and how to do it. These documents are an important part of management to help the organization comply with legal requirements, accomplish its mission, and run efficiently. Policies have legal significance and are the first things requested by a government regulator or civil plaintiff—they could be Exhibit 1 in a lawsuit. Or they could be quality documents that keep your organization’s practices in compliance and avoid a lawsuit in the first ...

Created for IT service managers, consultants, and other practitioners in IT governance, risk management, and compliance, this practical book discusses all the key concepts of COBIT® 5 and explains how to direct the governance of enterprise IT (GEIT) using the COBIT®5 framework. Drawing on more than 30 years of experience in the IT sector, the author explains the main frameworks and standards supporting GEIT, discusses the ideas of enterprise and governance, and describes the path from corporate governance to the governance of enterprise IT.

CCISO Flash Cards are designed for rapid review and steady progress, one short session at a time. Use this book to: Drill CCISO terms, concepts, and leadership patterns through repetition Strengthen recall for governance, risk, and program management topics Practice the language used in executive-focused security questions Study in small windows without losing momentum Refresh quickly during the final stretch before exam day If you want a practical way to keep CCISO prep moving alongside a full schedule, these flashcards are built for daily use.

If you are studying for CISM, you are preparing for an exam that evaluates leadership and decision-making, not hands-on troubleshooting. It expects you to think like an information security manager: set direction through governance, evaluate risk in business terms, build and run a program that delivers measurable outcomes, and respond to incidents in a way that strengthens the organization over time. Many candidates find CISM challenging because the answer that feels most “correct” in the real world is not always the best answer on the exam. The exam is testing priority, process, and ...

Based on insights gained from academic research, as well as interviews with UK-based security professionals from various sectors, The Psychology of Information Security describes how resolving conflicts between security compliance and human behavior explains the importance of careful risk management and how to align a security program with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.

"Conquer the CISA Exam: Your Guide to Success as a Certified Information Systems Auditor" is an essential resource for anyone aiming to achieve the prestigious CISA certification. This comprehensive guide covers all the critical domains of the CISA exam, including Information Systems Auditing Process, Governance and Management of IT, Information Systems Acquisition, Development and Implementation, Information Systems Operations and Business Resilience, and Protection of Information Assets. The book begins with an overview of the CISA certification and its importance in the field of ...

"Information Security and Cybersecurity Frameworks 101", provides a comprehensive guide to understanding and implementing information security and cybersecurity frameworks. The book covers popular frameworks, such as ISO/IEC 27001, NIST Cybersecurity Framework, and Center for Internet Security (CIS) Critical Security Controls, and provides guidance on selecting and implementing the appropriate framework for an organization's specific needs and challenges. The book also includes case studies and lessons learned, as well as a section on emerging trends and technologies. With a focus on the ...

You do not need more notes. You need repetition that sticks. This CISSP companion flashcards book is built to help you drill the core concepts quickly and consistently. It is ideal for daily review, last-minute refreshers, and closing gaps you discover while practicing. Inside: Quick-hit review across the CISSP domains High-value terms and concepts you must recall on demand A study format that fits real schedules A companion resource designed to reinforce your CISSP study guide For a complete study stack, pair these flashcards with the companion audio course through the Bare Metal Cyber ...

Becoming a Certified Professional in Healthcare Information and Management Systems (CPHIMS) demonstrates your understanding of healthcare IT, data security, interoperability, and compliance. Conquer the HIMSS CPHIMS Exam is a concise summary designed to complement more detailed study material, helping you focus on key concepts without overwhelming technical detail. This guide provides high-level overviews of critical topics, including healthcare technology trends, electronic health records (EHRs), cybersecurity, regulatory compliance (HIPAA, GDPR), and healthcare IT project management. It ...

CCISO is a leadership exam. It measures whether you can make executive-level security decisions under constraints, communicate risk clearly, and run a security program that aligns to business outcomes. CCISO For Busy People helps you study with purpose by focusing on how the exam is written and what “best answer” really means in governance-heavy scenarios. What you will get in this book: A practical, decision-first walkthrough of the CCISO exam domains Plain-English explanations designed for short study sessions Scenario-driven practice that mirrors executive tradeoffs and ...

"Conquer the CISM Exam: Your Guide to Success as a Certified Information Security Manager" is an essential resource for anyone aiming to achieve the prestigious CISM certification. This comprehensive guide covers all critical domains of the CISM exam, including Information Security Governance, Information Risk Management, Information Security Program Development and Management, and Information Security Incident Management. The book begins with an overview of the CISM certification and its importance in the field of information security management. It then delves into each domain in detail, ...