
InfoTech Governance, Policy, Ethics & Law
David Tuffley, Griffith University
Copyright Year:
Publisher: Council of Australian University Librarians
Language: English
Conditions of Use
Attribution-NonCommercial
CC BY-NC
Reviews
Reviewed by Arif Akgul, Associate Professor, Old Dominion University on 12/10/25
Comprehensiveness
One of the major issues about the book is that each module covers such broad topics that any one of them could be an entire textbook on its own. For example, cybersecurity and data protection, intellectual property, cyber forensics, cyber intelligence, e-gov and digital transformation and impact of IT on society are each massive fields with their own extensive literature. Trying to address all these complex subjects in single chapters results in surface-level treatment which lacks the depth for students. The book would be more effective if it either narrowed its scope to fewer topics covered comprehensively, or clearly positioned itself as a survey text that introduces concepts requiring additional resources for deeper study.
Content Accuracy
Although the content demonstrates accuracy and appears error-free with the author's credentials (PhD in Software Engineering, MPhil in Information Systems, and 30 years of experience in IT and academia with many publications), the text does not include any proper learning objectives, overviews, theoretical framework and proper citations and additional research and bibliography.
Relevance/Longevity
While the book (published in 2025) addresses highly current and relevant topics such as IT governance, cybersecurity, ethical approaches, artificial intelligence, and e-government, it lacks an overarching conceptual model to connect the modules together. There is no explanation of the learning progression or rationale for the sequence of topics, which creates confusion and disconnection between related content areas.
This organizational problem is particularly evident with the cybersecurity-related modules. Module 2 (Cybersecurity & Data Protection), Module 7 (Legal Governance, Cyber Forensics, Cyber Intelligence), and Module 9 (Cyber Loss Process & Cyber Insurance) are thematically related but are separated by unrelated topics including Module 5 (Ethical Theories) and Module 6 (Intellectual Property & Copyright). This fragmented arrangement disrupts the logical flow of learning and makes it difficult for readers to build a coherent understanding of interconnected concepts. Students may struggle to see how these various topics relate to one another without a clear conceptual framework guiding them through the material.
Clarity
The text is written in a clear, accessible style appropriate for the intended audience. Technical terminology is used appropriately given the subject matter, but the concepts are not explained systematically and chronologically. Although the text does not demonstrate logical flow of ideas or illustrate complex concepts, it is written in professional and basic academic language, which makes it readable for many students. The modular organization helps clarity by breaking complex topics into various sections. Also, all content can be navigated using links and headings, and it is accessible in various formats.
Consistency
The textbook maintains consistent terminology and professional tone, using standard terms, although the formatting and structure vary considerably between modules. Some modules rely heavily on bullet points while others use dense paragraphs, creating an inconsistent reading experience.
Modularity
The textbook is divided into 10 separate modules that instructors can teach in different orders, but some modules are much longer than others (ranging from 37 to 98 pages), which makes it harder to balance course schedules and plan assignments.
Organization/Structure/Flow
While individual modules are internally organized, the overall sequence lacks clear logic. For example, cybersecurity topics are scattered across Modules 2, 7, and 9 with unrelated content in between; IT governance, IT's impact on society and e-government are related concepts but are scattered across Modules 1, 8 and 10; and there is no explanation of why topics are ordered this way or how they build upon each other.
Interface
While the textbook does not suffer from distorted images or charts (because it contains very few visual elements), it presents several significant interface challenges that hinder usability and navigation. The absence of visual elements such as diagrams, flowcharts, and infographics creates a monotonous text-heavy interface that reduces readability and engagement. The interface could be created in a way that the readers could quickly scan and identify key concepts, definitions, or important takeaways.
Grammatical Errors
The text contains no significant grammatical errors and consistently follows Australian English spelling such as "organisation," "centre," "analyse," and "behaviour". The writing demonstrates professional academic quality with proper sentence structure and punctuation.
Cultural Relevance
The textbook is not culturally insensitive or offensive, and it maintains respectful and professional language. However, it is heavily Australian-centric, focusing on Australian institutions (ACSC, AUSTRAC), legislation (Privacy Act 1988), and frameworks (Australian Digital Inclusion Index). Although international standards like GDPR and ISO are mentioned, the examples, case studies, and guidance are overwhelmingly drawn from the Australian context. This geographic limitation significantly reduces the book's applicability for international students and instructors, who would need to supplement with general or various regional examples.
Comments
The textbook needs a comprehensive introductory section that clearly establishes the book's scope, purpose, and intended audience. The author should articulate the pedagogical approach and learning objective underlying the text, explain the conceptual framework that connects the modules together, and specify any prerequisites or assumed knowledge required for students. Additionally, the introduction should provide guidance on how to use the textbook effectively, for example, whether it is intended as a primary text or supplementary resource and some recommendations for navigating the material. Without this foundational orientation, instructors and students lack essential context for understanding how the book fits into their learning objectives.
Reviewed by Kim Perez, Professor, Tidewater Community College on 11/24/25
Comprehensiveness
The ebook InfoTech Governance, Policy, Ethics & Law is a notably comprehensive resource that offers a wide-ranging, well-integrated overview of the many domains involved in modern IT governance. Its modular structure covers governance frameworks, cybersecurity, data protection, breach response, ethical theory, intellectual property, cyber forensics, societal impacts, and digital transformation. This breadth reflects the complex, interdisciplinary nature of IT governance and ensures readers encounter both strategic and operational perspectives.
Within each module, the text offers substantial depth. Discussions of frameworks such as COBIT, ISO/IEC 38500, and ITIL move beyond basic definitions to examine organizational roles, processes, and decision-making principles. The cybersecurity and incident-management sections include detailed procedures, indicators, and assessment guidelines that align closely with real-world professional practice. The continued incorporation of legal and ethical dimensions throughout the text reinforces the need for IT professionals to understand governance within regulatory, organizational, and societal contexts.
The inclusion of maturity models, checklists, scenarios, and appendices adds practical value and enhances the text’s usability outside the classroom. Its attention to structure, clarity, and accessibility further supports its educational effectiveness. Overall, the textbook offers a well-organized and thorough examination of IT governance, making it a strong resource for academic programs and professional development.
Content Accuracy
The ebook InfoTech Governance, Policy, Ethics & Law presents information that is consistently accurate and aligned with current industry standards. Its explanations of major governance frameworks such as COBIT, ITIL, and ISO/IEC 38500 reflect their accepted structures and applications. The cybersecurity sections accurately describe modern threats, data protection practices, and legal requirements, including GDPR, HIPAA, and CCPA, without overstating or misinterpreting regulatory obligations.
The incident management maturity model is presented with precision, using indicators and evidence rules that match recognized assessment methods. Legal and ethical content, including intellectual property rights and ethical theories, is correctly defined and consistent with established academic interpretations. The text demonstrates reliable accuracy in its use of terminology, descriptions of processes, and representation of legal and technical concepts, making it a dependable resource for both academic and professional use.
Relevance/Longevity
The ebook is highly relevant to the current landscape of information technology, reflecting the challenges, standards, and expectations faced by modern organizations. Its coverage of governance frameworks, cybersecurity practices, data protection requirements, and incident response aligns directly with the operational and regulatory pressures that IT professionals manage today. The inclusion of topics such as digital ethics, responsible AI, cloud computing, and cyber insurance ensures the text speaks to emerging issues shaping the future of IT governance.
The legal and ethical discussions are especially timely, given the increasing global focus on data privacy, regulatory compliance, and responsible technology use. Practical modules on breach response and maturity assessments mirror real organizational needs and industry expectations, making the content immediately applicable in professional settings. The text remains relevant across academic, corporate, and public-sector environments by addressing both foundational concepts and rapidly evolving trends. It equips readers with knowledge that is directly applicable to contemporary IT governance challenges.
Clarity
The ebook is written in a clear, accessible style that supports both comprehension and instructional use. Concepts are introduced systematically, moving from foundational ideas to more complex applications, which helps readers build understanding without feeling overwhelmed. The modular structure and consistent use of headings, subheadings, and labeled frameworks make the material easy to navigate. Technical terms are explained accurately and in plain language, allowing readers with varying levels of prior knowledge to follow along. Examples, checklists, and structured models further enhance clarity by translating abstract ideas into concrete, understandable steps. Legal and ethical topics, which can often be dense, are presented in a straightforward manner that avoids unnecessary jargon. The text maintains a clear and organized presentation throughout, making complex IT governance topics approachable for students, educators, and practitioners.
Consistency
InfoTech Governance, Policy, Ethics & Law demonstrates strong consistency across its structure, terminology, and presentation. Each module follows a predictable organizational pattern, beginning with foundational concepts and progressing to applied practices, allowing readers to move smoothly through the material. Key frameworks and principles are introduced using uniform language, and terminology is applied consistently across chapters, reducing ambiguity in complex technical and legal topics. The writing style remains steady throughout, balancing academic rigor with accessibility. Definitions, models, and procedural steps are presented in similar formats across modules, creating a cohesive reading experience. The integration of legal, ethical, and technical content is also handled consistently, reinforcing connections between domains rather than treating them as isolated subjects.
Modularity
The ebook demonstrates a well-designed modular structure that enhances both usability and learning. Each module functions as a self-contained unit with a clear focus, such as IT governance frameworks, cybersecurity, data protection, ethical theory, intellectual property, or incident management. Because the modules are organized around distinct themes, instructors and readers can engage with them independently or in sequence without losing coherence. The internal structure of each module follows a similar pattern: introductory context, detailed explanations, practical tools or models, and applied considerations. This uniform design supports flexible teaching approaches and accommodates varied learning needs. The modularity also allows the text to stay relevant, as individual sections can be updated, referenced, or assigned without requiring changes to the entire book.
Organization/Structure/Flow
The textbook's progression of modules creates a clear conceptual arc that mirrors how IT governance functions in practice. This sequencing helps readers build understanding step by step, moving from strategic principles to operational processes and finally to broader contextual issues. Within each module, the content is arranged coherently, beginning with an overview, followed by detailed explanations, practical tools, and applied examples. Headings, subheadings, lists, and consistent formatting make navigation intuitive. The inclusion of appendices and reference materials at the end of the text further strengthens the organization by providing supplemental resources without interrupting the main instructional flow.
Interface
The ebook offers a clear and user-friendly interface that supports effective navigation and ease of use. The consistent placement of headings, subheadings, tables, and checklists creates a clean visual structure, allowing readers to locate key concepts and reference materials quickly. The layout avoids clutter, presenting information in a readable, visually organized way. The text also benefits from accessibility features, such as alternative file formats and a straightforward approach to labeling modules and sections. These elements make the resource adaptable for diverse learning environments, including online, hybrid, and traditional classrooms. The appendices and supporting materials are positioned logically at the end of the text, providing additional depth without interrupting the reading flow.
Grammatical Errors
InfoTech Governance, Policy, Ethics & Law is written with consistently strong grammatical quality. Sentences are clear, structurally sound, and free of notable errors that might interrupt comprehension. The author maintains proper subject–verb agreement, correct verb tenses, and coherent sentence flow throughout the modules. Transitions between ideas are smooth, and punctuation is used appropriately to support clarity.
Cultural Relevance
The ebook demonstrates an awareness of cultural considerations in both its content and its framing. The inclusion of an Acknowledgement of Country at the beginning of the text reflects respect for Indigenous communities and situates the work within its Australian academic context. This establishes a culturally considerate tone and signals sensitivity to diverse perspectives. Throughout the modules, the text discusses global governance frameworks, international regulations, and cross-border data protection laws, which help readers understand IT governance as an inherently multicultural and international domain. Although the material is primarily grounded in Western regulatory systems and governance models, it avoids culturally biased language and presents concepts in a neutral, inclusive manner. The textbook’s discussions of ethics, responsible technology, and societal impacts further reinforce its cultural sensitivity by acknowledging varied social contexts and the importance of diverse stakeholder needs. While not deeply focused on cultural theory, the text maintains an informed and respectful approach that supports learners from different backgrounds.
Comments
One minor consideration is that some sections are highly detailed, which may feel dense for readers new to the field. However, the modular structure allows instructors to assign or skip sections as needed, reducing cognitive load for beginning learners.
Overall, the textbook is a strong and versatile resource, well-suited for undergraduate and graduate courses in IT governance, cybersecurity management, digital ethics, and policy. Its combination of academic rigor, applied practice, and open-access availability makes it a valuable contribution to the IT governance literature.
Table of Contents
- Introduction
- Module 1: IT Governance Frameworks
- Module 2: Cybersecurity & Data Protection
- Module 3: Data Breach Preparation & Response
- Module 4: Cybersec Incident Management Maturity Model
- Module 5: Meta-Cognition, Ethical Decision Making, Ethical Theories
- Module 6: Intellectual Property & Copyright
- Module 7: Legal Governance, Cyber Forensics, Cyber Intelligence
- Module 8: Impact of IT on Society
- Module 9: Cyber Loss Process & Cyber Insurance
- Module 10: E-Gov & Digital Transformation
- Appendix A: List of Acronyms
- Appendix B: Applying the Ethical Decision Model
- Appendix C: Common scenarios
- Appendix D: Software licensing
- Appendix E: Propaganda techniques
- Appendix F: Military technology
- Appendix G: Select Bibliographies
About the Book
A comprehensive guide to IT governance, policy, ethics and law for students, practitioners and researchers. Covers the latest developments and best practices in the field, with a focus on the ethical, legal and social implications of IT. The textbook is divided into nine chapters, each covering a key topic in IT governance, policy, ethics and law.
About the Contributors
Author
David Tuffley is a Senior Lecturer in Applied Ethics and CyberSecurity at Griffith University’s School of ICT in Brisbane/Gold Coast. He is also a Senior Fellow of the Higher Education Academy. He can be contacted at d.tuffley@griffith.edu.au. David’s formal qualifications include a PhD (Software Engineering), M Phil (Information Systems), Graduate Certificate in Higher Education (Griffith University), Bachelor of Arts (Psychology, English Literature, Anthropology) (Queensland). David is an internationally recognized thought leader on the social impacts of technology. His diverse expertise spans software engineering, cybersecurity, ethics, futurism, and communication. David’s research and writings on how emerging technologies like AI will transform employment and society have reached over 2.75 million readers globally. He is a regular contributor to mainstream media, a sought-after speaker, and an inspirational educator guiding the next generation of technologists and leaders. David’s professional accomplishments range from publishing 100+ non-fiction books to being a sought-after “techsplainer” on national and international radio/TV. David regularly visits Berlin and Silicon Valley to study the mechanisms of global innovation. With decades of experience across academia, research, industry, and government, David is well positioned to engage with organizations worldwide on projects at the intersection of technology, ethics, policy, and society.