Nine Steps to Success: An ISO 27001 Implementation Overview (häftad)
Format
Häftad (Paperback / softback)
Språk
Engelska
Antal sidor
132
Utgivningsdatum
2017-11-15
Upplaga
3rd ed.
Förlag
It Governance Ltd
Illustrationer
Illustrations, black and white
Dimensioner
216 x 140 x 8 mm
Vikt
195 g
Antal komponenter
1
Komponenter
22:B&W 5.5 x 8.5 in or 216 x 140 mm (Demy 8vo) Perfect Bound on White w/Gloss Lam
ISBN
9781849289498
Nine Steps to Success: An ISO 27001 Implementation Overview (häftad)

Nine Steps to Success: An ISO 27001 Implementation Overview

An ISO 27001:2013 Implementation Overview

Häftad Engelska, 2017-11-15
429
Skickas inom 5-8 vardagar.
Fri frakt inom Sverige för privatpersoner.
Step-by-step guidance on a successful ISO 27001 implementation from an industry leader

Resilience against cyber attacks requires an organization to defend itself across all of its attack surface: people, processes, and technology. ISO 27001 is the international standard that sets out the requirements of an information security management system (ISMS) ? a holistic approach to information security that encompasses people, processes, and technology. Accredited certification to the Standard is recognized worldwide as the hallmark of best-practice information security management.

Achieving and maintaining accredited certification to ISO 27001 can be complicated, especially for those who are new to the Standard.

Alan Calder knows ISO 27001 inside out: the founder and executive chairman of IT Governance, he led the implementation of the management system that achieved the world?s first accredited certification to BS 7799 ? the forerunner to ISO 27001 ? and has been working with the Standard ever since. Hundreds of organizations around the world have achieved accredited certification to ISO 27001 with IT Governance?s guidance, which is distilled in this book.

In Nine Steps to Success ? An ISO 27001 Implementation Overview, Alan provides a comprehensive overview of how to lead an ISO 27001-compliant ISMS implementation in just nine steps.

Product overview

Aligned with the latest iteration of ISO 27001:2013, this third edition of the original, no-nonsense guide to successful ISO 27001 certification is ideal for anyone tackling ISO 27001 for the first time. In nine critical steps, the guide covers each element of the ISO 27001 project in simple, non-technical language. There is a special focus on how US organizations can tackle this governance.

Aligned with the latest iteration of ISO 27001:2013, this book is ideal for anyone tackling ISO 27001 for the first time, and covers each element of the ISO 27001 project in simple, non-technical language, including:


  • Getting management support and keeping the board?s attention

  • Creating a management framework and performing a gap analysis so that you can clearly understand the controls you already have in place, and identify where you need to focus

  • Structuring and resourcing your project, including advice on whether to use a consultant or do it yourself, and examining the tools and resources that will make your job easier

  • Conducting a five-step risk assessment, and creating a Statement of Applicability (SoA) and risk treatment plan (RTP)

  • Guidance on integrating your ISO 27001 ISMS with an ISO 9001 quality management system (QMS) and other management systems

  • Addressing the documentation challenges you?ll face as you create business policies, procedures, work instructions, and records ? including viable alternatives to a costly trial...
Visa hela texten

Passar bra ihop

  1. Nine Steps to Success: An ISO 27001 Implementation Overview
  2. +
  3. Selling Information Security to the Board

De som köpt den här boken har ofta också köpt Selling Information Security to the Board av It Governance Publishing (häftad).

Köp båda 2 för 618 kr

Kundrecensioner

Har du läst boken? Sätt ditt betyg »

Bloggat om Nine Steps to Success: An ISO 27001 Imple...

Innehållsförteckning

1.       project mandate

2.       project initiation

3.       isms initiation

4.       management framework

5.       baseline security criteria

6.       risk management

7.       implementation

8.       measure, monitor, and review

9.       certification