"The book recognizes, and correctly characterizes, digital security according to one of the fundamental tenets of IT governance: security, like IT governance, is a management issue, not a technical one. This book takes a very practical approach to a critical issue, and provides executive management with sound, cost-effective techniques grounded in business realities. Management and the C-suite will do well to keep these techniques in mind when formulating IT strategies that are aligned with and support business goals."
—Marios Damianides
CISA, CISM, CPA, CA, International President, Information Systems Audit and Control Association and IT Governance Institute
"Ernst & Young has done a superb job in demonstrating why the integrity of Digital Information Systems is fundamental to success. The authors show that protecting computers from attack is only a small part of this task. This book focuses on handling systemic risk and complexity—the inevitable problems that arise when you integrate computerized information systems with human activity systems: namely the company itself, customers, suppliers, competitors, as well as the broader political and regulatory environment. I can recommend it as essential reading to all senior executives."
—Ian Angell
Professor of Information Systems, London School of Economics
"The CBI considers security of information to be a major issue for individuals and businesses in the growing digital world. This book makes clear, that the key to success in this new environment is in using technology effectively—technology cannot make a badly organised business good, but it can make a good business better. Ernst & Young has identified critical organisational and management processes that global companies need to implement to ensure that technology effectively secures information assets that are at the heart of today's economy."
—Digby Jones
Director General, CBI
Part 1 The challenge of the frontier
Part 2 The agenda for action
Part 3 The approach for safety