Nine steps to success : an ISO27001:2013 implementation overview
Completely up to date with ISO27001:2013, this is the new edition of the original no-nonsense guide to successful ISO27001 certification. Ideal for anyone tackling ISO27001 for the first time, Nine Steps to Success outlines the nine essential steps to an effective ISMS implementation. Nine critical...
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Ely, United Kingdom : IT Governance Publishing, 2013. |
Edition: | Second edition. |
Subjects: | |
Online access: | Full text |
Table of Contents:
- About the Author; Introduction; Chapter 1: Initial Approach; Information risk and regulatory risk; The 'fear list'; ISO27001/ISO27002; Skills, knowledge and competence; Links to other standards; Chapter 2: Management Support; Strategic alignment; Prioritisation and endorsement; Change management; The CEO's role; The CEO's commitment; Senior management support; Chapter 3: Scoping; Endpoint security; Defining boundaries; Phased approach; Network mapping; Cutting corners; Chapter 4: Planning; Structured approach to implementation; Plan; Do; Check; Act.
- Integration with existing security management systems; Gap analysis; Quality system integration; Project management; Project team chair; Project plan; Costs and project monitoring; Consultants; Information security manager; Specialist information security advice; Functional specialists; Chapter 5: Communication; Staff buy-in; Information security policy; Chapter 6: Risk Assessment; Introduction to risk management; Baseline control set; Risk assessment; Who conducts the risk assessment?; Risk analysis; Risk workshop; Impacts; Controls; Risk assessment tools; Chapter 7: Control Selection.
- Nature of controls; Control selection criteria; Statement of applicability; Chapter 8: Documentation; Four levels of documentation; Documentation approaches; Trial and error; External expertise; Third party documentation toolkit plus guidance; Chapter 9: Testing; Chapter 10: Successful Certification; ITG Resources.