New Books

Click on a book cover for more information or to order.

Introduction to the Process-centric Architecture Paradigm
Information technology systems in enterprises are in the midst of an evolution that impacts both business and technology. Business process management (BPM) is increasingly getting adopted in enterprises the world over; software architects and programmers are starting to leverage BPM-based software systems, and process-centric architectures (PCA) are becoming more popular in the field. PCA is an emerging trend in architecting enterprise systems. Read this excerpt from Process-Centric Architecture for Enterprise Software Systems to learn more.

A Business Case for ISO 27001 Certification
While your organization's marketing and sales teams attempt to leverage security as a market differentiator, information security leadership faces the daunting challenge of "doing more with less." This chapter sets out the benefits and provides a business case for an information security management system (ISMS) that conforms to the ISO 27001 standard.

Holding Back: A Counter-Intuitive Approach for Virtual Leaders
In this article, the authors present some practical guidelines to help virtual team leaders discern when team members need direction, support, or a combination--and how best to provide what team members need.

Adaptive Threats and Defenses
The survival of living organisms is often dependent on their ability to compensate for changes in their environment. The ability of an organism to compensate for changes encountered is referred to as adaptation. Predominately, the methods of adaptation involve changes in the organism's behavior, physical characteristics, or both. Some creatures are able to learn new skills or tricks that allow them to cope when changes occur. In other cases an organism might undergo a genetic mutation that provides it with a slight advantage over its rivals allowing it to survive better given the changed conditions. Adaptation can also occur with the combination of altered behaviors and new mutations. The ability to adapt is also exhibited in the cyber realm by threats and defenses. This article is primarily focused on the adaptability of attacker malware and defender security tools.

An Introduction to the U.S. Healthcare Industry, Information Technology, and Informatics
One way to better manage the complex nature of the heathcare industry is through the incorporation of information technologies. Web platforms, data storage, analytic software, telecom and wireless communications systems, etc., can help provide critical information and speed information dissemination to those who require it, when they require it. This article provides an introduction to information technology and informatics for healthcare.

The Balanced Scorecard and the Project Manager
For project managers, the balanced scorecard is an invaluable tool that permits the project manager to link a project to the business side of the organization using a "cause and effect" approach. Some have likened balanced scorecard to a new language, which enables the project manager and business line managers to think together about what can be done to support or improve business performance. This chapter examines the fundamentals of balanced scorecard as it relates to the precepts of project management. It examines the balanced scorecard in relationship to the organization and the people, processes, technologies, and products that are components of the organization’s discrete projects, programs, and collaborative efforts.

Privacy and Its Relation to Cloud-Based Information Systems
Cloud computing has significant implications for the privacy of personal information as well as for the confidentiality of business and governmental information. Any information stored locally on a computer can be stored in a cloud, including email, word processing documents, spreadsheets, videos, health records, photographs, tax or other financial information, business plans, PowerPoint presentations, accounting information, advertising campaigns, sales numbers, appointment calendars, address books, and more. There has been a good deal of public discussion of the technical architecture of cloud computing and the business models that could support it; however, the debate about the legal and policy issues regarding privacy and confidentiality raised by cloud computing has not kept pace.

Introducing the IT Infrastructure Library (ITIL)
ITIL is a set of best practices built around a process model-based view of controlling and managing IT operations. ITIL is considered one set of best practices in the more general field of ITSM. It is important to remember that ITIL is truly a library of books. The "architecture" of ITIL can be thought of as the structure imposed by the titles of the books that describe the best practices. Alternatively, the architecture can be thought of as the set of practices that make up the life cycle that ITIL describes.

Building Relationships, One Conversation at a Time: Virtual Relationships Require Real Conversations
Can you build a trusting relationship when you've never had an actual conversation? (And no, IM, email, text, Twitter and blog "conversations" don't count!) While it may be possible, it's pretty unlikely. Most business conversations tend to focus on tasks and priorities, whether to review the progress of a current project, delegate actions or make decisions. To build relationships, a certain kind of conversation needs to take place that goes beyond the usual checklist review or status report. While this type of conversation requires more effort, it's almost impossible to collaborate successfully without it. This article offers guidelines to create opportunities for conversations expressly designed to build relationships.

Information Destruction Requirements and Techniques
Organizations need to keep information such as employee personnel records, financial statements, contracts and leases, and more. Given the vast amount of paper and digital media that amasses over time, effective information destruction policies and practices are now a necessary part of doing business and will likely save organizations time, effort, heartache, and legal costs as well as embarrassment and more. In today's litigious environment, there are a plethora of aggressive lawyers that would love to devour your organization for failure to take due care around document and media destruction. This article looks at the key areas to ensure that your organization does not fall prey to such lawyers when it comes to the physical destruction of documents and records.

What's Your Core IT Competency? Really?
Most everyone outsources some part of their technology operation for all sorts of good-and occasionally bad-reasons. There's a reason why the IT services industry is clipping along at well over $1B per day in the United States alone. More and more companies have discovered the benefits of outsourcing relative to the recruitment and maintenance of large internal IT staffs. In the early years, we all thought outsourcing was about saving money, but then we discovered the truth: outsourcing it not only about saving money, but it's about rerouting money from non-core to core activities.

Leveraging IT Control Frameworks for Compliance
A variety of laws and regulations have surfaced over the past decade in an attempt to strengthen the security of information stored within the companies to which the information assets are entrusted. As a result of these laws and regulations, various security control "standards" and "frameworks" have evolved and become popular means to meet the requirements of the laws. Because laws and regulations are intentionally developed at a higher, "what needs to happen" level vs. the "how to secure the information" level, the standards and control frameworks become valuable tools to ensure that security is planned, organized, implemented, tested, and monitored.

Attacking RFID Systems
Radio-frequency identification (RFID) is no different from any other technology, so the possible attacks on it should be studied in depth. The extent of an attack can vary considerably; some attacks focus on a particular part of the system, such as the tag, whereas others target the whole system. Although there are references to such attacks in a number of publications, a rigorous study has not been made of the subject until now. This chapter examines the main threats to RFID security.

Project Critical Success Factors
Quite a few things can go wrong with software development. A wide variety of management considerations, such as project scope, scheduling, risk, tracking, estimation, etc., can "make or break" a project. We usually call these considerations critical success factors. This chapter examines project critical success factors. Topics highlighted include managing people, dealing with politics, and managing for disaster.

Introduction to Cryptography
The U.S. economy fundamentally changed in the last twenty years, as manufacturing and heavy industry moved overseas, replaced by a new focus on knowledge and data. This transformation has underscored the importance of safeguarding information through encryption. This article focuses on state-of-the-art encryption techniques used pervasively to protect data, such as personal identity, medical records, financial transactions, and electronic mail, to name a few.

Wireless Sensor Networks: We Are Getting There
Wireless sensor networks (WSN) are machine-to-machine (M2M) mesh networks operating like the Internet in that they are self-organizing and self-healing, mimicking the way a message is passed through a crowd of people. This article describes and looks into the future of WSN applications.

Leading vs. Managing Remote Teams: Making the Crucial Distinction
As more organizations work virtually, managers of traditional work teams are tapped to lead geographically dispersed teams. When thrust into this unfamiliar territory, many managers flounder, especially those who rely on command-and-control tactics to get work done across locations, functions, cultures and time zones. This article presents a summary of just some of those skills that are especially important for those who lead geographically dispersed teams.

The New Intelligence: The Birth of the Knowledge Management Industry
The introduction of computers led to an unmanageable proliferation of data, which stimulated the birth of knowledge management (KM). To understand KM and all of its components; i.e., business intelligence, content management, etc., it is necessary to first discuss the precursors to KM.