Defining a set of guiding principles for data management and describing how these principles can be applied within data management functional areas; Providing a functional framework for the implementation of enterprise data management practices; including widely adopted practices, methods and techniques, functions, roles, deliverables and metrics; Establishing a common vocabulary for data management concepts and serving as the basis for best practices for data management professionals. DAMA-DMBOK2 provides data management and IT professionals, executives, knowledge workers, educators, and researchers with a framework to manage their data and mature their information infrastructure, based on these principles: Data is an asset with unique properties; The value of data can be and should be expressed in economic terms; Managing data means managing the quality of data; It takes metadata to manage data; It takes planning to manage data; Data management is cross-functional and requires a range of skills and expertise; Data management requires an enterprise perspective; Data management must account for a range of perspectives; Data management is data lifecycle management; Different types of data have different lifecycle requirements; Managing data includes managing risks associated with data; Data management requirements must drive information technology decisions; Effective data management requires leadership commitment.

Create appropriate, security-focused business propositions that consider the balance between cost, risk, and usability, while starting your journey to become an information security manager. Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks. Practical Information Security Management provides a wealth of practical advice for anyone responsible for information security management in the workplace, focusing on the ‘how’ rather than the ‘what’. Together we’ll cut through the policies, regulations, and standards to expose the real inner workings of what makes a security management program effective, covering the full gamut of subject matter pertaining to security management: organizational structures, security architectures, technical controls, governance frameworks, and operational security. This book was not written to help you pass your CISSP, CISM, or CISMP or become a PCI-DSS auditor. It won’t help you build an ISO 27001 or COBIT-compliant security management system, and it won’t help you become an ethical hacker or digital forensics investigator – there are many excellent books on the market that cover these subjects in detail. Instead, this is a practical book that offers years of real-world experience in helping you focus on the getting the job done. What You Will Learn Learn the practical aspects of being an effective information security manager Strike the right balance between cost and risk Take security policies and standards and make them work in reality Leverage complex security functions, such as Digital Forensics, Incident Response and Security Architecture Who This Book Is For“/div>divAnyone who wants to make a difference in offering effective security management for their business. You might already be a security manager seeking insight into areas of the job that you’ve not looked at before, or you might be a techie or risk guy wanting to switch into this challenging new career. Whatever your career goals are, Practical Security Management has something to offer you.

From William Horton -- a world renowned expert with more than thirty-five years of hands-on experience creating networked-based educational systems -- comes the next-step resource for e-learning training professionals. Like his best-selling book Designing Web-Based Training, this book is a comprehensive resource that provides practical guidance for making the thousand and one decisions needed to design effective e-learning. e-Learning by Design includes a systematic, flexible, and rapid design process covering every phase of designing e-learning. Free of academic jargon and confusing theory, this down-to-earth, hands-on book is filled with hundreds of real-world examples and case studies from dozens of fields. "Like the book's predecessor (Designing Web-based Training), it deserves four stars and is a must read for anyone not selling an expensive solution. -- From Training Media Review, by Jon Aleckson, www.tmreview.com, 2007

Have you begun to question traditional best practices in business continuity (BC)? Do you seem to be concentrating on documentation rather than preparedness? Compliance rather than recoverability? Do your efforts provide true business value? If you have these concerns, David Lindstedt and Mark Armour offer a solution in Adaptive Business Continuity: A New Approach. This ground-breaking new book provides a streamlined, realistic methodology to change BC dramatically. After years of working with the traditional practices of business continuity (BC) – in project management, higher education, contingency planning, and disaster recovery – David Lindstedt and Mark Armour identified unworkable areas in many core practices of traditional BC. To address these issues, they created nine Adaptive BC principles, the foundation of this book: Deliver continuous value. Document only for mnemonics. Engage at many levels within the organization. Exercise for improvement, not for testing. Learn the business. Measure and benchmark. Obtain incremental direction from leadership. Omit the risk assessment and business impact analysis. Prepare for effects, not causes. Adaptive Business Continuity: A New Approach uses the analogy of rebuilding a house. After the initial design, the first step is to identify and remove all the things not needed in the new house. Thus, the first chapter is “Demolition” – not to get rid of the entire BC enterprise, but to remove certain BC activities and products to provide the space to install something new. The stages continue through foundation, framework, and finishing. Finally, the last chapter is “Dwelling,” permitting you a glimpse of what it might be like to live in this new home that has been created. Through a wealth of examples, diagrams, and real-world case studies, Lindstedt and Armour show you how you can execute the Adaptive BC framework in your own organization. You will: Recognize specific practices in traditional BC that may be problematic, outdated, or ineffective. Identify specific activities that you may wish to eliminate from your practice. Learn the capability and constraint model of recoverability. Understand how Adaptive BC can be effective in organizations with vastly different cultures and program maturity levels. See how to take the steps to implement Adaptive BC in your own organization. Think through some typical challenges and opportunities that may arise as you implement an Adaptive BC approach.

The all-time bestselling training handbook, updated for new technologies and roles Active Training turns instructional design on its head by shifting the emphasis away from the instructor, and on to the learner. Comprehensively updated to reflect the many developments in the field, this new fourth edition covers the latest technologies and applications, the evolving role of the trainer, and how new business realities impact training, advancing new evidence-based best practices for new trainer tasks, skills, and knowledge. Up to date theory and research inform the practical tips and techniques that fully engage learners and help them get the most out of sessions, while updated workplace examples and revised templates and worksheets help bring these techniques into the classroom quickly. You'll gain insight into improving training evaluation by using Return on Expectations (ROE), learn how to extend the value of training programs through transfer of learning, and develop fresh, engaging methods that incorporate state-of-the-art applications. Active Training designs offer just the right amount of content; the right balance of affective, behavioral, and cognitive learning; a variety of approaches; real-life problem solving; gradual skill-building; and engaging delivery that uses the participants' expertise as a foundation for learning. This book is the classic guide to employing Active Training methods effectively and appropriately for almost any topic. Learn how the trainer's role has changed Engage learners through any training delivery method Inspire collaboration and innovation through application Overcome the challenges trainers face in the new business environment Active Training methods make training sessions fun, engaging, relevant, and most importantly, effective. Participants become enthusiastic about the material, and view sessions as interesting challenges rather than as means to fulfill requirements. To bring these widely endorsed methods into your training repertoire, Active Training is the complete practical handbook you need.

This updated and improved guide is designed to help accountants effectively perform SOC 1® engagements under AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, of Statement on Standards for Attestation Engagements (SSAE) No. 18, Attestation Standards: Clarification and Recodification. With the growth in business specialization, outsourcing tasks and functions to service organizations has become increasingly popular, increasing the demand for SOC 1 engagements. This guide will help: Gain a deeper understanding of the requirements and guidance in AT-C section 320 for performing SOC 1 engagements. Obtain guidance from top CPAs on how to implement AT-C section 320 and address common and practice issues. Provide best in class services related to planning, performing, and reporting on a SOC 1 engagement. Successfully implement changes in AT-C section 320 arising from the issuance of SSAE 18, which is effective for reports dated on or after May 1, 2017. Determine how to describe the matter giving rise to a modified opinion by providing over 20 illustrative paragraphs for different situations. Understand the kinds of information auditors of the financial statements of user entities need from a service auditor's report. Implement the requirement in SSAE No. 18 to obtain a written assertion from management of the service organization. Organize and draft relevant sections of a type 2 report by providing complete illustrative type 2 reports that include the service auditor’s report, management’s assertion, the description of the service organization’s system, and the service auditor’s description of tests of controls and results. Develop management representation letters for SOC 1 engagements.

Providing a reliable supply of water requires being prepared for water shortages of varying degree and duration. What can a municipal water supplier do to mitigate water shortages caused by drought? Preparing for drought and water shortages before they occur is the best defense. This manual will help water managers facing water shortages by illustrating how to employ tried-and-true strategies and tactics of drought mitigation, as well as new tools and methods. Managing water shortages involves temporarily reducing demand and finding alternate water to temporarily increase supply. There are options available to water managers to accomplish this. The manual provides a proven, seven-step process to anticipate and respond to water shortages through a structured planning process.