Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Information Security Compliance Management
  • Table Of Contents Toc
  • Feedback & Rating feedback
Mastering Information Security Compliance Management

Mastering Information Security Compliance Management

By : Adarsh Nair, Greeshma M. R.
4.7 (19)
close
close
Mastering Information Security Compliance Management

Mastering Information Security Compliance Management

4.7 (19)
By: Adarsh Nair, Greeshma M. R.

Overview of this book

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body. The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001. By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.
Table of Contents (19 chapters)
close
close
1
Part 1: Setting the Stage – Definitions, Concepts, Principles, Standards, and Certifications
In Progress | 0 / 1 sections completed | 0%
Free Chapter
2
Chapter 1: Foundations, Standards, and Principles of Information Security
In Progress | 0 / 6 sections completed | 0%
4
Part 2: The Protection Strategy – ISO/IEC 27001/02 Design and Implementation
In Progress | 0 / 1 sections completed | 0%
5
Chapter 3: ISMS Controls
In Progress | 0 / 4 sections completed | 0%
chevron up
6
Chapter 4: Risk Management
In Progress | 0 / 4 sections completed | 0%
7
Chapter 5: ISMS – Phases of Implementation
In Progress | 0 / 4 sections completed | 0%
10
Part 3: How to Sustain – Monitoring and Measurement
In Progress | 0 / 1 sections completed | 0%
11
Chapter 8: Audit Principles, Concepts, and Planning
In Progress | 0 / 6 sections completed | 0%
14
Chapter 11: Auditor Competence and Evaluation
In Progress | 0 / 6 sections completed | 0%
15
Chapter 12: Case Studies – Audit Planning, Reporting Nonconformities, and Audit Reporting
In Progress | 0 / 5 sections completed | 0%
16
Index
In Progress | 0 / 2 sections completed | 0%
Appendix – Terms and Definitions
In Progress | 0 / 1 sections completed | 0%

Summary

ISO 27002 is a code of practice for the controls of an ISMS, and it goes into far more detail than ISO 27001’s Annex A controls. The list of 93 controls, divided into 4 control sets, is expanded in clauses A.5 to A.8 of ISO 27002:2022.

While ISO 27002 is not a certifiable standard in and of itself, following its information security management principles will help the company satisfy ISO 27001 certification requirements. It explains how to comply with the ISO 27001 standard and how to implement it.

Because there is no one-size-fits-all information security solution, the appropriate information security controls must be decided on based on their risk assessment and appropriate controls. The CIA triad can be used to define information security in this context.

In the upcoming chapter, we will see one of the most significant aspects of the entire information security auditing process – risk management. The important steps of identifying, analyzing, measuring...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY