This updated and completely revised edition of a bestseller extends the concepts and considerations of modern project management into the realm of project management oversight, control, and support. Illustrating the implications of project management in today's organizations, The Complete Project Management Office Handbook, Third Edition explains how to use the project management office (PMO) as a business integrator to influence project outcomes in a manner that serves both project and business management interests. Helping you determine if a PMO is right for your organization, this edition presents a five-stage PMO competency continuum to help you understand how to develop PMOs at different competency levels and associated functionalities. It also identifies five progressive PMO development levels to help you identify which level is best for your organization. Updates to this edition include: A refinement of the 20 PMO functions that guide PMO setup and operations A new section that provides an effective evaluation of PMO maturity indicators based on the prescribed 20 PMO functions presented in the handbook A new section on Establishing a Project Management Office that details a comprehensive process for determining the needs, purpose, and functionality for a new PMO Best practices that have cross-industry value and applicability The book includes checklists, detailed process steps, and descriptive guidance for developing PMO functional capability. The up-to-date PMO model defined will not only help you better understand business practices in project management, but will also help you to adapt and integrate those practices into the project management environment in your organization. For anyone associated with start-up and smaller PMOs, the book explains what can be done to create less rigorous PMO functional capabilities. It also includes helpful insights for those who need to specify and demonstrate "quick-wins" and early PMO-based accomplishments in their organization.

Updated annually, the Information Security Management Handbook, Sixth Edition is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations. Reporting on the latest developments in information security and recent changes to the (ISC)2 (R) CISSP Common Body of Knowledge (CBK (R)), Volume 7 features 27 new chapters on topics such as BYOD, IT consumerization, smart grids, security, and privacy. Covers the fundamental knowledge, skills, techniques, and tools required by IT security professionals Updates its bestselling predecessors with new developments in information security and the (ISC)2 (R) CISSP (R) CBK (R) Provides valuable insights from leaders in the field on the theory and practice of computer security technology Facilitates the comprehensive and up-to-date understanding you need to stay fully informed The ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications. This handbook is also available on CD.

This revised edition has more breadth and depth of coverage than the first edition. Information Technology: An Introduction for Today's Digital World introduces undergraduate students to a wide variety of concepts that they will encounter throughout their IT studies and careers. The features of this edition include: Introductory system administration coverage of Windows 10 and Linux (Red Hat 7), both as general concepts and with specific hands-on instruction Coverage of programming and shell scripting, demonstrated through example code in several popular languages Updated information on modern IT careers Computer networks, including more content on cloud computing Improved coverage of computer security Ancillary material that includes a lab manual for hands-on exercises Suitable for any introductory IT course, this classroom-tested text presents many of the topics recommended by the ACM Special Interest Group on IT Education (SIGITE). It offers a far more detailed examination of the computer and IT fields than computer literacy texts, focusing on concepts essential to all IT professionals - from system administration to scripting to computer organization. Four chapters are dedicated to the Windows and Linux operating systems so that students can gain hands-on experience with operating systems that they will deal with in the real world.

It's axiomatic to state that people fear what they do not understand, and this is especially true when it comes to technology. However, despite their prevalence, computers remain shrouded in mystery, and many users feel apprehensive when interacting with them. Smartphones have only exacerbated the issue. Indeed, most users of these devices leverage only a small fraction of the power they hold in their hands. How Things Work: The Computer Science Edition is a roadmap for readers who want to overcome their technophobia and harness the full power of everyday technology. Beginning with the basics, the book demystifies the mysterious world of computer science, explains its fundamental concepts in simple terms, and answers the questions many users feel too intimidated to ask. By the end of the book, readers will understand how computers and smart devices function and, more important, how they can make these devices work for them. To complete the picture, the book also introduces readers to the darker side of modern technology: security and privacy concerns, identity theft, and threats from the Dark Web.

It's axiomatic to state that people fear what they do not understand, and this is especially true when it comes to technology. However, despite their prevalence, computers remain shrouded in mystery, and many users feel apprehensive when interacting with them. Smartphones have only exacerbated the issue. Indeed, most users of these devices leverage only a small fraction of the power they hold in their hands. How Things Work: The Computer Science Edition is a roadmap for readers who want to overcome their technophobia and harness the full power of everyday technology. Beginning with the basics, the book demystifies the mysterious world of computer science, explains its fundamental concepts in simple terms, and answers the questions many users feel too intimidated to ask. By the end of the book, readers will understand how computers and smart devices function and, more important, how they can make these devices work for them. To complete the picture, the book also introduces readers to the darker side of modern technology: security and privacy concerns, identity theft, and threats from the Dark Web.

DataOps is a new way of delivering data and analytics that is proven to get results. It enables IT and users to collaborate in the delivery of solutions that help organisations to embrace a data-driven culture. The DataOps Revolution: Delivering the Data-Driven Enterprise is a narrative about real world issues involved in using DataOps to make data-driven decisions in modern organisations. The book is built around real delivery examples based on the author's own experience and lays out principles and a methodology for business success using DataOps. Presenting practical design patterns and DataOps approaches, the book shows how DataOps projects are run and presents the benefits of using DataOps to implement data solutions. Best practices are introduced in this book through the telling of a story, which relates how a lead manager must find a way through complexity to turn an organisation around. This narrative vividly illustrates DataOps in action, enabling readers to incorporate best practices into everyday projects. The book tells the story of an embattled CIO who turns to a new and untested project manager charged with a wide remit to roll out DataOps techniques to an entire organisation. It illustrates a different approach to addressing the challenges in bridging the gap between IT and the business. The approach presented in this story lines up to the six IMPACT pillars of the DataOps model that Kinaesis (www.kinaesis.com) has been using through its consultants to deliver successful projects and turn around failing deliveries. The pillars help to organise thinking and structure an approach to project delivery. The pillars are broken down and translated into steps that can be applied to real-world projects that can deliver satisfaction and fulfillment to customers and project team members.

This volume shows how ICT (information and communications technology) can play the role of a driver of business process reengineering (BPR). ICT can aid in enabling improvement in BPR activity cycles as it provides many components that enhance performance that can lead to competitive advantages. IT can interface with BPR to improve business processes in terms of communication, inventory management, data management, management information systems, customer relationship management, computer-aided design, computer-aided manufacturing (CAM), and computer-aided engineering. This volume explores these issues in depth.

Ecosystems and Technology: Idea Generation and Content Model Processing, presents important new innovations in the area of management and computing. Innovation is the generation and application of new ideas and skills to produce new products, processes, and services that improve economic and social prosperity. This includes management and design policy decisions and encompasses innovation research, analysis, and best practice in enterprises, public and private sector service organizations, government, regional societies and economies. The book, the first volume in the Innovation Management and Computing book series, looks at technology that improves efficiency and idea generation, including systems for business, medical/health, education, and more. The book provides detailed examples to provide readers with current issues, including Venture planning for innovations New technologies supporting innovations systems Competitive business modeling Context-driven innovation modeling The generation of ideas faster The measurement of relevant data Virtual interfaces Business intelligence and content processing Predictive modeling Haptic expression and emotion recognition innovations, with applications to neurocognitive medical science This book provides a wealth of information that will be useful for IT and business professionals, educators, and students in many fields.

The examination of social questions is a relatively new development in goegraphy, but social geography has now blossomed into a fully fledged sub-discipline which has in fact influenced significantly all other areas of geography. This book, first published in 1987, presents an overview of recent developments in all the major branches of social geography. As such it provides a valuable introduction to te subject, a review of the latest state of the art and a pointer to future research directions.

Is your enterprise's strategy for cybersecurity just crossing its fingers and hoping nothing bad ever happens? If so...you're not alone. Getting cybersecurity right is all too often an afterthought for Fortune 500 firms, bolted on and hopefully creating a secure environment. We all know this approach doesn't work, but what should a smart enterprise do to stay safe? Today, cybersecurity is no longer just a tech issue. In reality, it never was. It's a management issue, a leadership issue, a strategy issue: It's a "must have right"...a survival issue. Business leaders and IT managers alike need a new paradigm to work together and succeed. After years of distinguished work as a corporate executive, board member, author, consultant, and expert witness in the field of risk management and cybersecurity, David X Martin is THE pioneering thought leader in the new field of CyRMSM. Martin has created an entirely new paradigm that approaches security as a business problem and aligns it with business needs. He is the go-to guy on this vitally important issue. In this new book, Martin shares his experience and expertise to help you navigate today's dangerous cybersecurity terrain, and take proactive steps to prepare your company-and yourself -to survive, thrive, and keep your data (and your reputation) secure.

Coud reliability engineering is a leading issue of cloud services. Cloud service providers guarantee computation, storage and applications through service-level agreements (SLAs) for promised levels of performance and uptime. Cloud Reliability Engineering: Technologies and Tools presents case studies examining cloud services, their challenges, and the reliability mechanisms used by cloud service providers. These case studies provide readers with techniques to harness cloud reliability and availability requirements in their own endeavors. Both conceptual and applied, the book explains reliability theory and the best practices used by cloud service companies to provide high availability. It also examines load balancing, and cloud security. Written by researchers and practitioners, the book's chapters are a comprehensive study of cloud reliability and availability issues and solutions. Various reliability class distributions and their effects on cloud reliability are discussed. An important aspect of reliability block diagrams is used to categorize poor reliability of cloud infrastructures, where enhancement can be made to lower the failure rate of the system. This technique can be used in design and functional stages to determine poor reliability of a system and provide target improvements. Load balancing for reliability is examined as a migrating process or performed by using virtual machines. The approach employed to identify the lightly loaded destination node to which the processes/virtual machines migrate can be optimized by employing a genetic algorithm. To analyze security risk and reliability, a novel technique for minimizing the number of keys and the security system is presented. The book also provides an overview of testing methods for the cloud, and a case study discusses testing reliability, installability, and security. A comprehensive volume, Cloud Reliability Engineering: Technologies and Tools combines research, theory, and best practices used to engineer reliable cloud availability and performance.

Today's high-speed and rapidly changing development environments demand equally high-speed security practices. Still, achieving security remains a human endeavor, a core part of designing, generating and verifying software. Dr. James Ransome and Brook S.E. Schoenfield have built upon their previous works to explain that security starts with people; ultimately, humans generate software security. People collectively act through a particular and distinct set of methodologies, processes, and technologies that the authors have brought together into a newly designed, holistic, generic software development lifecycle facilitating software security at Agile, DevOps speed. -Eric. S. Yuan, Founder and CEO, Zoom Video Communications, Inc. It is essential that we embrace a mantra that ensures security is baked in throughout any development process. Ransome and Schoenfield leverage their abundance of experience and knowledge to clearly define why and how we need to build this new model around an understanding that the human element is the ultimate key to success. -Jennifer Sunshine Steffens, CEO of IOActive Both practical and strategic, Building in Security at Agile Speed is an invaluable resource for change leaders committed to building secure software solutions in a world characterized by increasing threats and uncertainty. Ransome and Schoenfield brilliantly demonstrate why creating robust software is a result of not only technical, but deeply human elements of agile ways of working. -Jorgen Hesselberg, author of Unlocking Agility and Cofounder of Comparative Agility The proliferation of open source components and distributed software services makes the principles detailed in Building in Security at Agile Speed more relevant than ever. Incorporating the principles and detailed guidance in this book into your SDLC is a must for all software developers and IT organizations. -George K Tsantes, CEO of Cyberphos, former partner at Accenture and Principal at EY Detailing the people, processes, and technical aspects of software security, Building in Security at Agile Speed emphasizes that the people element remains critical because software is developed, managed, and exploited by humans. This book presents a step-by-step process for software security that uses today's technology, operational, business, and development methods with a focus on best practice, proven activities, processes, tools, and metrics for any size or type of organization and development practice.

Starting with the inception of an education program and progressing through its development, implementation, delivery, and evaluation, Managing an Information Security and Privacy Awareness and Training Program, Second Edition provides authoritative coverage of nearly everything needed to create an effective training program that is compliant with applicable laws, regulations, and policies. Written by Rebecca Herold, a well-respected information security and privacy expert named one of the "Best Privacy Advisers in the World" multiple times by Computerworld magazine as well as a "Top 13 Influencer in IT Security" by IT Security Magazine, the text supplies a proven framework for creating an awareness and training program. It also:

• Lists the laws and associated excerpts of the specific passages that require training and awareness
• Contains a plethora of forms, examples, and samples in the book's 22 appendices
• Highlights common mistakes that many organizations make
• Directs readers to additional resources for more specialized information
• Includes 250 awareness activities ideas and 42 helpful tips for trainers

Complete with case studies and examples from a range of businesses and industries, this all-in-one resource provides the holistic and practical understanding needed to identify and implement the training and awareness methods best suited to, and most effective for, your organization.

Praise for:

The first edition was outstanding. The new second edition is even better ... the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly..
-NoticeBored.com

Project success requires a solid understanding and proper implementation of the tools, techniques, and principles of project management. A reference for both the novice and expert project manager, The Project Manager's Emergency Kit provides you with everything you will need to get your project off to a solid start and overcome any emergencies that may arise during the project life cycle. It supplies you with over 200 project management tools, techniques, and principles arranged in alphabetical order. The text provides guidance on how to complete projects on time and within budget while meeting the needs of your customers. It presents easy-to-follow project planning steps covering the responsibilities, work breakdown structures, time and cost estimating, scheduling, resource allocation, and budgeting. The Project Manager's Emergency Kit provides you with straightforward guidelines that will help you overcome any challenges that may arise and deliver a product or service that will satisfy everyone who has a stake in the outcome of your project.

This book captures a range of important developments that have occurred in Information Systems over the last forty years, with a particular focus on India and the developing world. Over this time, Information and Communications Technology (ICT) and Information Systems (IS) have come to play a critical role in supporting, complementing and automating managerial decisions, shaping and transforming industries, and contributing to deep societal and economic change. This volume examines a range of topics for those interested in the adoption and use of these technologies across varied situations. It combines empirical studies on the application and impact of IS with commentaries, debates and insights on the transformative role that IT and the IT industry have played, and continue to play, within India as well as globally. The book draws attention to issues and challenges that organizations grapple with in tech-enabled environments, and provides insights on the role of automation and computational techniques. It explores the global impact of the technology revolution on economic growth and development, electronic globalization, and the wider opportunities and challenges of a hi-tech world. The chapters cover various themes such as e-government in India, internet-based distribution systems, internet banking, and use of collaborative IT tools and functions to support virtual teams in the software industry and the business process outsourcing industry. Other chapters focus on methodological advances, such as systems thinking which finds applications in organizational decision-making, and the use of fuzzy logic. This volume will interest professionals and scholars of information technology and information systems, computer studies, IT systems, economics, and business and management studies.

It is essential for a corporation to not only survive but thrive in today's global outsourcing environment. The Insider's Guide to Outsourcing Risks and Rewards is a comprehensive and accessible resource that assists an organization in deciding whether it will benefit from pursuing-or not pursuing-such an endeavor. The author, an 18-year veteran of the IT industry, is an experienced consultant, software developer, manager, and entrepreneur. Providing an authoritative and unbiased view, he helps the reader navigate through a number of offshore outsourcing issues related to software management and international business. He examines the potential benefits derived from offshore outsourcing, as well as the possible pitfalls and how to avoid them as they apply to an organization's particular situation. Offering a unique combination of technical and political insight, The Insider's Guide to Outsourcing Risks and Rewards is the one resource to have when trying to figure out your organization's next step.

Managing a software development project is a complex process. There are lots of deliverables to produce, standards and procedures to observe, plans and budgets to meet, and different people to manage. Project management doesn't just start and end with designing and building the system. Once you've specified, designed and built (or bought) the system it still needs to be properly tested, documented and settled into the live environment. This can seem like a maze to the inexperienced project manager, or even to the experienced project manager unused to a particular environment.A Hacker's Guide to Project Management acts as a guide through this maze. It's aimed specifically at those managing a project or leading a team for the first time, but it will also help more experienced managers who are either new to software development, or dealing with a new part of the software life-cycle. This book:describes the process of software development, how projects can fail and how to avoid those failuresoutlines the key skills of a good project manager, and provides practical advice on how to gain and deploy those skillstakes the reader step-by-step through the main stages of the project, explaining what must be done, and what must be avoided at each stagesuggests what to do if things start to go wrong!The book will also be useful to designers and architects, describing important design techniques, and discussing the important discipline of Software Architecture.This new edition:has been fully revised and updated to reflect current best practices in software developmentincludes a range of different life-cycle models and new design techniquesnow uses the Unified Modelling Language throughout

The book shows how to use Planning by Design (PxD) for developing working models to any type of subject area. Section 1 describes the nature of planning in general, the formula of planning, the features that make it systematic, the essence of PxD, and developing and using the working model. Section 2 demonstrates personal application of creative planning to real life cases and practical working models on different subject areas. The book provides a general planning "master guide" that shows how to develop a working model of any definable subject matter. This objective will be accomplished by introducing the concepts, the process, and the methodology of PxD.

Security practitioners must be able to build cost-effective security programs while also complying with government regulations. Information Security Governance Simplified: From the Boardroom to the Keyboard lays out these regulations in simple terms and explains how to use control frameworks to build an air-tight information security (IS) program and governance structure. Defining the leadership skills required by IS officers, the book examines the pros and cons of different reporting structures and highlights the various control frameworks available. It details the functions of the security department and considers the control areas, including physical, network, application, business continuity/disaster recover, and identity management. Todd Fitzgerald explains how to establish a solid foundation for building your security program and shares time-tested insights about what works and what doesn't when building an IS program. Highlighting security considerations for managerial, technical, and operational controls, it provides helpful tips for selling your program to management. It also includes tools to help you create a workable IS charter and your own IS policies. Based on proven experience rather than theory, the book gives you the tools and real-world insight needed to secure your information while ensuring compliance with government regulations.

Information security has a major gap when cryptography is implemented. Cryptographic algorithms are well defined, key management schemes are well known, but the actual deployment is typically overlooked, ignored, or unknown. Cryptography is everywhere. Application and network architectures are typically well-documented but the cryptographic architecture is missing. This book provides a guide to discovering, documenting, and validating cryptographic architectures. Each chapter builds on the next to present information in a sequential process. This approach not only presents the material in a structured manner, it also serves as an ongoing reference guide for future use.

A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0) presents a comprehensive discussion of the tasks, knowledge, skill, and ability (KSA) requirements of the NICE Cybersecurity Workforce Framework 2.0. It discusses in detail the relationship between the NICE framework and the NIST's cybersecurity framework (CSF), showing how the NICE model specifies what the particular specialty areas of the workforce should be doing in order to ensure that the CSF's identification, protection, defense, response, or recovery functions are being carried out properly. The authors construct a detailed picture of the proper organization and conduct of a strategic infrastructure security operation, describing how these two frameworks provide an explicit definition of the field of cybersecurity. The book is unique in that it is based on well-accepted standard recommendations rather than presumed expertise. It is the first book to align with and explain the requirements of a national-level initiative to standardize the study of information security. Moreover, it contains knowledge elements that represent the first fully validated and authoritative body of knowledge (BOK) in cybersecurity. The book is divided into two parts: The first part is comprised of three chapters that give you a comprehensive understanding of the structure and intent of the NICE model, its various elements, and their detailed contents. The second part contains seven chapters that introduce you to each knowledge area individually. Together, these parts help you build a comprehensive understanding of how to organize and execute a cybersecurity workforce definition using standard best practice.

Providing comprehensive coverage of cyberspace and cybersecurity, this textbook not only focuses on technologies but also explores human factors and organizational perspectives and emphasizes why asset identification should be the cornerstone of any information security strategy. Topics include addressing vulnerabilities, building a secure enterprise, blocking intrusions, ethical and legal issues, and business continuity. Updates include topics such as cyber risks in mobile telephony, steganography, cybersecurity as an added value, ransomware defense, review of recent cyber laws, new types of cybercrime, plus new chapters on digital currencies and encryption key management.

Integrating Business Management Processes: Volume 3: Harmonising Quality, Food Safety and Environmental Processes (978-0-367-48547-4) Shelving Guide: Business & Management The backbone of any organisation is its management system. It must reflect the needs of the organisation and the requirements of its customers. Compliance with legal requirements and ethical environmental practices contributes towards the sustainability of the management system. Whatever the state of maturity of the management, this book, one of three, provides useful guidance to design, implement, maintain and improve its effectiveness and is intended to provide readers with practical "how to" methods for integrating quality, safety and environmental management processes. This volume sets out procedures and flowcharts to show how the integration of these processes can be achieved. Separated into management procedures, core procedures, support procedures and assurance procedures and complemented by practical examples, this book is an invaluable resource for complete systems development and integration. This book, along with its two companion volumes, is a practical guide for real managers, designed to help them manage their business more effectively and gain competitive advantage. Titus De Silva is a consultant in management skills development, pharmacy practice, quality management and food safety and an advisor to the newly established National Medicines Regulatory Authority (NMRA) in Sri Lanka.

Integrating Business Management Processes: Volume 3: Harmonising Quality, Food Safety and Environmental Processes (978-0-367-48547-4) Shelving Guide: Business & Management The backbone of any organisation is its management system. It must reflect the needs of the organisation and the requirements of its customers. Compliance with legal requirements and ethical environmental practices contributes towards the sustainability of the management system. Whatever the state of maturity of the management, this book, one of three, provides useful guidance to design, implement, maintain and improve its effectiveness and is intended to provide readers with practical "how to" methods for integrating quality, safety and environmental management processes. This volume sets out procedures and flowcharts to show how the integration of these processes can be achieved. Separated into management procedures, core procedures, support procedures and assurance procedures and complemented by practical examples, this book is an invaluable resource for complete systems development and integration. This book, along with its two companion volumes, is a practical guide for real managers, designed to help them manage their business more effectively and gain competitive advantage. Titus De Silva is a consultant in management skills development, pharmacy practice, quality management and food safety and an advisor to the newly established National Medicines Regulatory Authority (NMRA) in Sri Lanka.

Although interest in Spatial Decision Support Systems (SDSS) continues to grow rapidly in a wide range of disciplines, students, planners, managers, and the research community have lacked a book that covers the fundamentals of SDSS along with the advanced design concepts required for building SDSS. Filling this need, Spatial Decision Support Systems: Principles and Practices provides a comprehensive examination of the various aspects of SDSS evolution, components, architecture, and implementation. It integrates research from a variety of disciplines, including the geosciences, to supply a complete overview of SDSS technologies and their application from an interdisciplinary perspective. This groundbreaking reference provides thorough coverage of the roots of SDSS. It explains the core principles of SDSS, how to use them in various decision making contexts, and how to design and develop them using readily available enabling technologies and commercial tools. The book consists of four major parts, each addressing different topic areas in SDSS: Presents an introduction to SDSS and the evolution of SDSS Covers the essential and optional components of SDSS Focuses on the design and implementation of SDSS Reviews SDSS applications from various domains and disciplines-investigating current challenges and future directions The text includes numerous detailed case studies, example applications, and methods for tailoring SDSS to your work environment. It also integrates sample code segments throughout. Addressing the technical and organizational challenges that affect the success or failure of SDSS, the book concludes by considering future directions of this rapidly emerging field of study.