IT service management: ITIL® or ISO 20000?

The short answer is you don’t choose! Despite organisations often declaring they want to be “ITIL-compliant” or they want to “implement ITIL”, ITIL isn’t something you can actually be measured against or accredited to. The framework consists of a set of best practices created by experts from many leading companies who have ‘been there and done that’, which can and should be adapted to …

ITSM: developing an effective service catalogue

One of the ways to improve communication and alignment between an organisation and its IT service provider is to develop an effective service catalogue. A service catalogue in its basic form is a document that gives customers a list of all live services offered by IT. However, an effective service catalogue can be so much more! It: Describes what the IT department does and how it adds value to …

How do you create an increased service management culture in IT?

What is culture? The Oxford English Dictionary defines it as: The ideas, customs, and social behaviour of a particular people or society. In any organisation or group of individuals, there are learned and shared patterns of behaviour or shared values that give us the culture of that organisation or group. Good, or bad, customer service is catching and can become engrained in …

Why is business continuity management so important?

In recent news, Eir’s Internet network service went down on Saturday, 13 October, affecting thousands of customers across Ireland. A statement from the company said: “Service has been restored to those Eir customers that were impacted by the internet access outage. We apologise again to our customers for the inconvenience this has caused.” In instances like this, it is vital for an organisation to …

Penetration testing and the EU GDPR

Data breaches are on the rise and affecting Irish organisations, most recently Eir and Cork City Council’s Park by Phone service. Criminal hackers are gaining access to organisations’ networks using a variety of techniques, so ensuring your network is secure should be high on your agenda. Penetration testing is an effective method of determining the security of your networks and web applications, …

Free webinar: First steps to GDPR compliance

The GDPR (General Data Protection Regulation) has significantly reshaped the data protection landscape for organisations worldwide that collect and process EU residents’ personal data. The Regulation imposes fines of up to 4% of annual global turnover or €20 million (whichever is greater) for non-compliance. Data breaches are on the rise and affecting Irish organisations such as Eir, which …

Is it legal for organisations to request your date of birth?

When you sign up for an online service, you’re often asked to provide personal details. Usually, you won’t have a problem with this: an organisation obviously needs your name and email address to contact you. But when they start asking for seemingly unnecessary information, you might get concerned. Why do you need to give your date of birth when downloading a green paper? Or to create an account …

Summer offers to kick-start your cyber security journey. Don’t miss out! 

IT Governance is a leading global provider of IT governance, risk management and compliance solutions, with a special focus on cyber resilience, data protection, the PCI DSS (Payment Card Industry Data Security Standard), ISO 27001 and cyber security. We are committed to helping organisations protect themselves and their customers from the perpetually evolving range of cyber threats. Our deep …

The future for CISOs following the introduction of the GDPR and NIS Directive

The responsibilities of the CISO (chief information security officer) have remained consistent over the years, but big changes in the cyber security landscape in 2018 could spark an evolution of the role. Largely led by the introduction of the EU GDPR (General Data Protection Regulation) and the NIS Directive (Directive on security of network and information systems), organisations are shifting …

9 steps to implementing ISO 27001

There are many reasons to adopt ISO 27001, the international standard that describes best practice for an information security management system (ISMS). It helps organisations improve their security, comply with cyber security regulations, and protect and enhance their reputation. But implementing the Standard takes a lot of time and effort. That should be obvious, at least if you believe the …