Speaking at the United Nations’ Information Security Special Interest Group’s symposium in Geneva, Calder said: “ISO27001 is international best practice for any organisation seeking a structured framework to address cyber risks. ISO27001 has many strengths, including helping organisations secure the right balance of data availability, integrity and confidentiality. A further benefit of ISO27001 is the flexibility to integrate with other management standards. This point is vital – effective cybersecurity depends on establishing a comprehensive and interconnected defence strategy.

“Every organisation should remember, however, that ISO27001 certification does not equate with invincible security. ISO27001, effectively deployed, improves an organisation’s information security and resilience, but new threats are constantly evolving. Defences, therefore, need to evolve, too. There is no room for complacency. ISO27001 rightly expects you to continually reassess your business, risk and compliance environment in line with ‘real-world’ developments.

“There is never a time for complacency in information security. The need to keep strategies under constant review has never been greater. The revolutionary wonders of ‘Web 2.0’ can rapidly turn into ‘Threat 2.0’. The speed and degree of change in the modern business, compliance and security worlds is unprecedented, from new standards and threats to new technologies, such as Google+ and Android telephones. Any technological advance brings new security risks, as hackers immediately start finding ways to burrow in and exploit vulnerabilities. Everyone must be prepared.”

The three-day course, ‘Principles of IT Governance’, will deliver introductory training for IT professionals, providing delegates with a complete understanding of IT governance implementation.

Alan Calder, Chief Executive of ITG, says: ‘Senior managers and consultants who advise on IT governance are in boardroom demand across the globe. IT governance is now recognised as a key driver in ensuring a return on IT investment. In order to compete at the highest levels, companies need staff with experience and the relevant, accredited qualifications.

‘IT governance is at the heart of strategic IT management in all successful organisations. A close alliance between business objectives and IT resources, an optimised return on investment and compliance with IT standards are key factors in determining whether IT truly delivers the competitive advantage it should.

‘The course is designed for individuals whose role requires them to have a broad understanding of IT governance and a familiarity with the wide range of frameworks, standards and methodologies in use, from the COBIT IT governance/management framework and the corporate governance standard ISO38500 through to the IT Infrastructure Library (ITIL®) and the ISO27001 information security management standard. This course enables delegates to understand each of the existing frameworks and standards, to see them in their context, and to appreciate how to use each standard as part of an integrated approach to improving governance, risk management and compliance.’

The course will therefore look at these overlapping and competing frameworks and standards and propose organisational solutions, such as the Calder-Moir Framework, teaching delegates how best to use the framework in order to improve IT governance.

Calder himself, author of many governance publications including Corporate Governance and IT Governance: A Pocket Guide, will be leading the training. The courses will provide delegates with opportunities to interact with their trainers to help identify and apply current lessons to their own organisations.

The course also prepares delegates for the ‘Principles of IT Governance’ examination, which is taken on the final day of the course. Successful candidates will be awarded the ‘Certificate in IT Governance’, a foundation qualification accredited by the International Board for IT Governance Qualifications (IBITGQ), the new international board for harmonising and improving IT governance qualifications.

Calder continues: ‘IT qualifications certified by accredited and respected organisations are becoming an essential requirement for any IT governance professional. With an ever-increasing demand for such staff, employers are offering enhanced career opportunities to candidates who have certified qualifications and relevant experience.’

Each ‘Principles of IT Governance’ course will include 18 topical sessions to help organisations adjust to the ever-changing IT environment and will cover key issues such as internal control and culture, the definition of drivers for IT governance, risk and control in IT governance, and performance management. As such, typical delegates could include anyone from a board director or IT executive to an IT consultant or a compliance manager.

The three-day courses will be held in London, with the first course taking place from October 5-7 2011. The course dates for 2012 are January 18-20, April 4-6 and July 4-6, with each course costing £1,495 ($2,470.71/€1,717.74). An ‘early bird’ discount of £300 is also available on any bookings made by August 31 2011.

All booking information can be found at: www.itgovernance.co.uk/products/3461.

Alan Calder, Chief Executive of ITG, says: ‘Gaining ISO27001 certification is one thing, but what next? ISO27001 is a security management standard that rightly expects you to continually reassess your business, risk and compliance environment in line with ‘real world’ developments. There is a lot of guidance on how to achieve ISO27001 certification, but very little guidance on the next steps. These courses fill that gap.

‘There is never a time for complacency in information security. The revolutionary wonders of ‘Web 2.0’ can rapidly turn into ‘Threat 2.0’. Any technological advance brings new security risks, as hackers immediately start finding ways to burrow in and exploit vulnerabilities. You need to be prepared.

‘These two-day classroom training courses address the constant threat posed by cyberattacks, providing expert guidance from overarching strategies to practical steps. The need to keep ISMS strategies under constant review has never been greater. The speed and degree of change in the modern business, compliance and security worlds is unprecedented, from new standards and threats to new technologies such as Google+ and Android phones. You can be sure cybercriminals will constantly be probing your defences. How do you monitor, measure and improve the effectiveness of your controls? By regularly attending these courses, you will be able to continue implementing best practice information security management, and demonstrating that fact to external auditors, despite the changing environment.’

The new ITG courses, Reviewing and Improving Your ISMS, will be led by Calder and Steve Watkins, Consultancy Director of ITG, who together co-authored IT Governance: A Manager’s Guide to Data Security and ISO27001/ISO27002. The courses will provide delegates with an opportunity to interact with their trainers to help identify and apply current lessons to their own organisations.

Calder continues: ‘The courses are designed for individuals whose role requires them to have a broad understanding of current trends in information security, and to be aware of new and emerging regulation and technical standards and evolving best practice in reviewing and improving an ISMS. The scope of training, therefore, makes the courses relevant to everyone from an information security manager or an IT auditor to a board director or chief information officer.

‘No two of the quarterly courses will be the same, as we will take into account new laws and regulations, threats and vulnerabilities, technologies, standards and certification requirements. Each course will therefore evolve from its predecessor. We want to take ISO27001 training to the next level and the best way to achieve this goal is to ensure training is up-to-date and comprehensive. These courses are the first of their kind and will allow organisations to maintain the best levels of protection.’

Each course will include 18 topical sessions to help organisations adjust to the ever-changing IT environment, looking at everything from the quarter’s headline events through to key new technological trends. Courses will also use case studies to illustrate and learn from real-life experiences.

The courses will be held in London, with the first course taking place on October 24-25 2011. The scheduled dates for 2012 are January 24-25, April 18-19 and July 17-18, with each course offering 15 hours of continuing professional development (CPD).

The courses cost £895.00 each ($1,479.12/€1,028.35) or all four courses can be booked for a discounted £2,595+VAT. An ‘early bird’ discount of £150 is also available on any bookings made by August 31 2011.

All booking information can be found at: www.itgovernance.co.uk/products/3399.

The new ‘IT Service Management Documentation Toolkit’ is designed to help companies put in place ‘fit-for-purpose’ documentation, implement ITIL service management best practices and, ultimately, optimise their IT service management systems.

Alan Calder, Chief Executive of IT Governance, says: ‘This unique toolkit is the perfect investment for organisations seeking an optimal route to ITSM best practice, guiding companies through the relevant processes. ITIL is the world’s foremost ITSM framework and ITIL implementation is invaluable for achieving compliance with ISO/IEC 20000, the globally recognised set of ITSM standards.

‘With the ITIL framework providing best practice guidance on how to manage IT infrastructure and streamline IT services in line with business expectations, ITIL is becoming increasingly vital for IT professionals.

‘Our toolkit draws on original content licensed by the Office of Government Commerce (OGC), which oversees the ITIL framework, so you can be sure the toolkit contains the relevant documentation to ensure correct implementation and enjoy the consequent organisational and commercial benefits.

‘The importance of ITSM can hardly be overestimated, especially as many service providers are required by their governments to achieve ISO/IEC 20000 certification. This toolkit will help organisations avoid costly trial-and-error dead-ends.’

The documents contained in the toolkit include service management plan templates; a service level agreement template; 100 pre-written policies, procedures, templates and guidance documents; a pre-written IT service management system manual; and over 400 pages of fit-for-purpose information.

The toolkit has been written by ITIL specialists Jenny Dugmore and Shirley Lacy. Dugmore was the chair of the British Standards Institution (BSI) committee that produced BS15000, a prequel to ISO/IEC 20000, and is now the chair of the ISO Committee responsible for the 20000 series. In 2005, she was awarded a lifetime achievement award by the IT Service Management Forum (itSMF). Lacy was an ITIL author and project mentor for the ITIL 2011 Update. She holds the ITIL ‘expert’ certificate and is an accredited trainer for ITIL and ISO/IEC 20000. Among their many ITSM-related achievements, Dugmore and Lacy have co-authored ‘A Manager’s Guide to Service Management’ and ‘Introduction To The ISO/IEC 20000 Series’.

Dugmore says: ‘Effective service management is increasingly recognised as fundamental to business success. Customers are looking for better quality, lower costs, greater flexibility and faster responses to their changing requirements. This toolkit enables all types of service providers to set up and implement an effective service management system that delivers quality and value to customers.’

Lacy adds: ‘The toolkit uses tried and tested best practices that avoid re-inventing the wheel. The gap analysis tool and template-driven approach will help an organisation assess current ITSM requirements and implement relevant service management processes.’

The toolkit costs £495 ($818.06/€568.75) and can be purchased as a download at: www.itgovernance.co.uk/products/3370.

A ‘try before you buy’ version of the toolkit is also available and can be requested here.

Although most respondents to the survey described gaining and keeping customers as a very high priority for their companies at present, 33% of respondents admitted not offering any enhancements or add-ons to help market the core product/service. When enhancements add so much value to a company’s offering, this feedback is quite a concern.

Collinson Latitude director Janet Titterton says: “It’s remarkable that so many companies continue to overlook the many products and services available to help win, and keep, customers. From loyalty reward programmes and subscription-based membership programmes, through to online auctions and prize draws, the range of innovative products to improve customer engagement is wide and varied for almost every business sector. The survey reveals 61% of respondents whose companies offer enhancements to the core service believe doing so differentiates their business from the competition, either “very much” [33%] or “somewhat” [28%]. Clearly, companies that do not offer such enhancements are falling behind their competitors.

“As the economy recovers from the depths of the downturn, every company needs to think hard about how to retain customers who are being presented with a growing choice of providers. It takes an awful lot of time and money to win back lost customers, but innovative enhancements, added to the core service, create value and can often be fairly rapidly deployed, at low-cost, to maintain the loyalty of the customers you already hold. Why then are so many companies overlooking these opportunities to simultaneously increase ancillary revenues and customer satisfaction? 36% of our survey respondents cited cost or resource availability as a barrier to selling add-ons. In fact, enhancements can quickly be designed and deployed by a third-party at low-cost, bringing immediate ancillary revenue gains.

“It is incredible to see how many of the survey respondents [29%] have never even considered offering membership benefit packages to loyal customers. There is clearly a great deal of untapped potential for companies to be introducing innovative and exciting products and programmes that really engage customers on a consistent basis.”

The new Collinson Latitude survey gathers the opinions of marketing and brand professionals from industries including aviation, financial services, hotels and travel, publishing, retail, telecommunications and utilities. The survey sought to discover how widely companies are using enhancements and add-ons to the core product/service, and the extent to which doing so is proving beneficial for themselves and their customers.

The results of the survey are being revealed today at ‘Ancillary Revenue World Europe 2011’ (June 28-30) in London, the only multi-industry ancillary revenue conference on cross-selling and maximising revenue streams. Collinson Latitude is exhibiting at the event.