Process Management is a compendium for modern design of process-oriented companies. A hands-on approach introducing, realizing and continually administering process management is presented with a thoroughly critical reflection of the necessary activities regarding the state of the art of organization theory and information management. This is done by following individual stages of a process model which has already successfully proved in practice. The progress of the project is described by a continuous case study which is the process management project of a modern service company. The included recommendations are summarized in a series of checklists for each stage of the project.
Mergers and acquisitions (M&A) experts Tim Galpin and Mark Herndon present an updated and expanded guide to planning and managing the M&A process. This comprehensive book is unique in providing the tools to address both the human and operational sides of integration. Based on the authors' consulting experience with numerous Fortune 500 companies, this resource will help organizations capture deal synergies more quickly and effectively. Augmenting their step-by-step advice with helpful templates, checklists, graphs and tools, Galpin and Herndon provide sound guidance for successfully integrating different processes, organizations, and cultures. The authors also address pre-deal do’s and don’ts, people dynamics, common mistakes, communications strategies, and specific actions you can take to create measurable positive results throughout the integration process. The revised edition not only updates case studies and presents recent integration research, but it also adds new tools.
Complete Guide to Federal and State Garnishment provides much-needed clarity when the federal and state laws appear to conflict. You'll find plain-English explanations of the laws and how they interact, as well as the specific steps you and your staff need to take to respond to the order properly. Numerous detailed examples and mathematical calculations make it easy to apply the law under different scenarios. Written by Amorette Nelson Bryant, who was recently appointed by the Uniform Law Commission as an observer for the Drafting Committee on a Wage Garnishment Act and was a past chair of both the APA GATF Child Support Subcommittee and Garnishment Subcommittee, Complete Guide to Federal and State Garnishment brings the payroll professional up-to-date on the latest federal and state laws and regulations affecting this ever-changing area. It is your one-stop source for answers to critical questions, such as: Does the amount exempt from garnishment change when the minimum wage goes up? How do I determine the wages to which the garnishment applies? If an employee is subject to more than one garnishment, which has priority? Which state's rules do I use when I receive a child support order sent from another state? State or federal law - which applies for creditor garnishment and support? Are there alternatives to remitting withheld child support via EFT/EDI? How do I handle garnishments when employees are paid a draw against salary? Previous Edition: Complete Guide to Federal and State Garnishment, 2019 Edition, ISBN 9781454899921
The Complete Guide for CISA Examination Preparation delivers complete coverage of every topic on the latest release of the Certified Information Systems Auditor (CISA) exam. The author is an IT security and auditing expert and the book covers all five exam domains. This effective self-study system features chapter learning objectives, in-depth explanations of each topic, and accurate practice questions. Each chapter includes exam tips that highlight key exam information, hands-on exercises, a summary that serves as a quick review, and end-of-chapter questions that simulate those on the actual exam. Designed to help candidates pass the CISA exam easily, it also serves as an ideal on-the-job reference. Richard E. Cascarino, MBA, CIA, CISM, CFE, CRMA, is well known in international auditing. Richard is a principal of Richard Cascarino & Associates. He has over 31 years’ experience in audit training and consulting. He is a regular speaker at national and international conferences and has presented courses throughout Africa, Europe, the Middle East and the USA. Richard is a Past President of the Institute of Internal Auditors in South Africa, was the founding Regional Director of the Southern African Region of the IIA-Inc. and is a member of ISACA, and the Association of Certified Fraud Examiners, where he is a member of the Board of Regents for Higher Education. Richard was Chairman of the Audit Committee of Gauteng cluster 2 (Premier's office, Shared Services and Health) in Johannesburg and is currently the Chairman of the Audit and Risk Committee of the Department of Public Enterprises in South Africa. Richard is also a visiting Lecturer at the University of the Witwatersrand, author of the book Internal Auditing: An Integrated Approach, now in its third edition. This book is extensively used as a university textbook worldwide. In addition, he is the author of the Auditor's Guide to IT Auditing, Second Edition and the book Corporate Fraud and Internal Control: A Framework for Prevention. He is also a contributor to all four editions of QFINANCE, the Ultimate Resource.
See how privileges, insecure passwords, administrative rights, and remote access can be combined as an attack vector to breach any organization. Cyber attacks continue to increase in volume and sophistication. It is not a matter of if, but when, your organization will be breached. Threat actors target the path of least resistance: users and their privileges. In decades past, an entire enterprise might be sufficiently managed through just a handful of credentials. Today’s environmental complexity has seen an explosion of privileged credentials for many different account types such as domain and local administrators, operating systems (Windows, Unix, Linux, macOS, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media, and so many more. When unmanaged, these privileged credentials pose a significant threat from external hackers and insider threats. We are experiencing an expanding universe of privileged accounts almost everywhere. There is no one solution or strategy to provide the protection you need against all vectors and stages of an attack. And while some new and innovative products will help protect against or detect against a privilege attack, they are not guaranteed to stop 100% of malicious activity. The volume and frequency of privilege-based attacks continues to increase and test the limits of existing security controls and solution implementations. Privileged Attack Vectors details the risks associated with poor privilege management, the techniques that threat actors leverage, and the defensive measures that organizations should adopt to protect against an incident, protect against lateral movement, and improve the ability to detect malicious activity due to the inappropriate usage of privileged credentials. This revised and expanded second edition covers new attack vectors, has updated definitions for privileged access management (PAM), new strategies for defense, tested empirical steps for a successful implementation, and includes new disciplines for least privilege endpoint management and privileged remote access. What You Will Learn Know how identities, accounts, credentials, passwords, and exploits can be leveraged to escalate privileges during an attack Implement defensive and monitoring strategies to mitigate privilege threats and risk Understand a 10-step universal privilege management implementation plan to guide you through a successful privilege access management journeyDevelop a comprehensive model for documenting risk, compliance, and reporting based on privilege session activity Who This Book Is For Security management professionals, new security professionals, and auditors looking to understand and solve privilege access management problems
This comprehensive new resource provides an introduction to fundamental Attribute Based Access Control (ABAC) models. This book provides valuable information for developing ABAC to improve information sharing within organizations while taking into consideration the planning, design, implementation, and operation. It explains the history and model of ABAC, related standards, verification and assurance, applications, as well as deployment challenges. Readers find authoritative insight into specialized topics including formal ABAC history, ABAC’s relationship with other access control models, ABAC model validation and analysis, verification and testing, and deployment frameworks such as XACML. Next Generation Access Model (NGAC) is explained, along with attribute considerations in implementation. The book explores ABAC applications in SOA/workflow domains, ABAC architectures, and includes details on feature sets in commercial and open source products. This insightful resource presents a combination of technical and administrative information for models, standards, and products that will benefit researchers as well as implementers of ABAC systems in the field.
The Complete Guide to Human Resources and the Law will help you navigate complex and potentially costly Human Resources issues. You'll know what to do (and what not to do) to avoid costly mistakes or oversights, confront HR problems - legally and effectively - and understand the rules. The Complete Guide to Human Resources and the Law offers fast, dependable, plain English legal guidance for HR-related situations from ADA accommodation, diversity training, and privacy issues to hiring and termination, employee benefit plans, compensation, and recordkeeping. It brings you the most up-to-date information as well as practical tips and checklists in a well-organized, easy-to-use resource. Previous Edition: Complete Guide to Human Resources and the Law, 2018 Edition ISBN 9781454899945
Managing data continues to grow as a necessity for modern organizations. There are seemingly infinite opportunities for organic growth, reduction of costs, and creation of new products and services. It has become apparent that none of these opportunities can happen smoothly without data governance. The cost of exponential data growth and privacy / security concerns are becoming burdensome. Organizations will encounter unexpected consequences in new sources of risk. The solution to these challenges is also data governance; ensuring balance between risk and opportunity. Data Governance, Second Edition, is for any executive, manager or data professional who needs to understand or implement a data governance program. It is required to ensure consistent, accurate and reliable data across their organization. This book offers an overview of why data governance is needed, how to design, initiate, and execute a program and how to keep the program sustainable. This valuable resource provides comprehensive guidance to beginning professionals, managers or analysts looking to improve their processes, and advanced students in Data Management and related courses. With the provided framework and case studies all professionals in the data governance field will gain key insights into launching successful and money-saving data governance program. - Incorporates industry changes, lessons learned and new approaches - Explores various ways in which data analysts and managers can ensure consistent, accurate and reliable data across their organizations - Includes new case studies which detail real-world situations - Explores all of the capabilities an organization must adopt to become data driven - Provides guidance on various approaches to data governance, to determine whether an organization should be low profile, central controlled, agile, or traditional - Provides guidance on using technology and separating vendor hype from sincere delivery of necessary capabilities - Offers readers insights into how their organizations can improve the value of their data, through data quality, data strategy and data literacy - Provides up to 75% brand-new content compared to the first edition
Capacity Management is described in most key ITSM frameworks: ITIL, ISO 20000 Microsoft Operations Framework (MOF) and the Application Service Library (ASL) all note the importance of Capacity Management. This major title meets the need for an in-depth practical guide to this critical process. Written and reviewed by some of the world s most respected experts in this field it shows how Capacity Management best practice can support provision of a consistent, acceptable service level at a known and controlled cost. Practical advice covers the essential control of two balances: Supply versus demand and resources versus cost. In times of mean, frugal economic measures, it is essential to focus on those practices that are effective and yield practical results. In enlightened times of sustainability, it is also a requirement to find solutions that satisfy the criteria for 'greenness'. This excellent title shows how Capacity Management works not only within an IT environment but also why it is pivotal in meeting high profile business demands. Aligns with ISO/IEC 20000 and ITIL® ISO/IEC lists a set of required capacity management deliverables ITIL outlines what should be done in capacity management this book starts to describe how to do it Covers details of what capacity management is all about: what is capacity management why do it benefits and cost-benefit analysis how to do it data-flows and activities who does it roles and perspectives implementation, maintenance, improvement, tools Provides comprehensive templates and checklists: objectives, interfaces and data-flows, sub-practices and activities metrics, application sizing parameters, data for modelling deliverables, reports, CMMI levels, KPIs, risk matrix sample capacity plan
This textbook provides organisational leadership with an understanding of business process management and its benefits to an organisation. It provides a practical framework, complete with a set of tools and techniques, to successfully implement business process management projects.
