Juggling two balls is something that most people can do, but juggling six balls takes dexterity and practice. Juggling the complexities of current IT environments requires a significant amount of skill. Besides considerations of technical, business, and financial elements, there also are regulatory requirements for oversight and governance.


 In Information Security Governance Simplified: From the Boardroom to the Keyboard, author Todd Fitzgerald provides an excellent over­view on how security managers can create an effective information security program without breaking the bank. He shows the reader how to create a governance program that includes all of the necessary managerial, technical, and operational controls. Creating such a program is not a trivial endeavor, and Fitzgerald offers numerous tips and real-world examples.

The book has 30 pages of operation controls detailing all of the points needed to create a governance program. Controls are mapped according to various regulatory requirements. Anyone looking for a comprehensive guide on creating an information security governance program written in a readable manner will find this book to be a great resource.


978-1439811634 Rothke Todd Fitzgerald