Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Mastering Information Security Compliance Management
  • Toc
  • feedback
Mastering Information Security Compliance Management

Mastering Information Security Compliance Management

By : Adarsh Nair, Greeshma M. R.
4.7 (19)
close
Mastering Information Security Compliance Management

Mastering Information Security Compliance Management

4.7 (19)
By: Adarsh Nair, Greeshma M. R.

Overview of this book

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body. The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001. By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.
Table of Contents (19 chapters)
close
1
Part 1: Setting the Stage – Definitions, Concepts, Principles, Standards, and Certifications
chevron up
4
Part 2: The Protection Strategy – ISO/IEC 27001/02 Design and Implementation
10
Part 3: How to Sustain – Monitoring and Measurement
Appendix – Terms and Definitions

Part 1: Setting the Stage – Definitions, Concepts, Principles, Standards, and Certifications

Part 1, encompassing Chapter 1 and Chapter 2, is the cornerstone of this book, setting the scene with an exploration of information security’s fundamental principles and the ISO 27001 standard. Chapter 1 explains the basics of information security – confidentiality, integrity, and availability – and introduces the ISMS framework. Chapter 2 builds on this foundation by examining the PDCA process model integral to ISO 27001, providing a SWOT analysis of ISMS implementation, and underscoring the importance of accreditations and certifications. This section lays a robust groundwork for a comprehensive understanding of the ISO/IEC 27001/27002 standards.

This part has the following chapters:

  • Chapter 1, Foundations, Standards, and Principles of Information Security
  • Chapter 2, Introduction to ISO 27001
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete