Achieving greater information security with a well-thought-out IT security concept: IT security management explained practically: security guidelines, IT compliance, business continuity management, risk management, and security audits. Establishing an Information Security Management System (ISMS) according to ISO 27001 and BSI IT Baseline Protection. Comprehensive practical knowledge for IT security managers. Today, data is migrated to and processed in public clouds, stored on mobile phones, shared via chat apps, or collected on a scale previously unimaginable as part of Industry 4.0. IT security managers must adapt their measures not only to these changes but also to the EU General Data Protection Regulation (GDPR), the German IT Security Act, customer requirements, and the Chinese Cybersecurity Law. This practical guide will help you, as an IT security manager, navigate the vast array of individual topics and tasks. Typical questions and answers for everyday work. Each chapter describes a specific area of IT security in detail. The necessary theoretical foundations alternate with practical tips, typical questions from everyday professional life, numerous concrete examples, and helpful checklists. All topics are then brought together in a final chapter that covers the introduction and further development of IT security management based on the ISO 27000 family of standards, while adhering to the data protection regulations of the EU GDPR. Practical Guide and Reference Work: This book provides you with both a competent practical guide – also suitable for those starting their careers – and a comprehensive reference work for your daily work. Contents include: Scope and purpose of IT security management; Organization of IT security; IT compliance; Customer audits using TISAX as an example; Interlinking information security and data protection; Organization of guidelines; Operation of IT security; IT business continuity management; IT emergency management; Availability management; Technical IT security; IT risk management; Security monitoring; IT security audit; Management of security incidents and IT forensics; Key performance indicators; Practical application: Setting up an ISMS; Awareness and training. Biography Thomas W. Harich currently works as Manager Information Security (CISO) in an automotive supplier company with approximately 20,000 employees. New product