An essential resource for business managers at any-sized organization, this book provides the current best practice in managing data and information risks as companies face increasingly complex and dangerous threats to information security. The development of IT Governance, which recognizes the convergence between business and IT management, makes it essential for managers at all levels to understand how best to deal with information security risks. This text explores new legislation, including the launch of ISO/IEC 27001, which defines a single, global standard of information security. Includes access to a website that provides templates designed for implementation within any organization.