ISO27001/ISO27002 A Pocket Guide, Second Edition

Description

Protect your organization’s information with ISO 27001:2013

Information is one of your organization’s most important resources and keeping that information secure is vital to your business. This handy pocket guide is an essential overview of two key information security standards that cover the formal requirements (ISO 27001:2013) for creating an Information Security Management System (ISMS), and the best-practice recommendations (ISO 27002:2013) for those responsible for initiating, implementing or maintaining it.

An ISMS based on ISO 27001/ISO 27002 offers a host of benefits:

• Improved efficiency by having information security systems and procedures in place, enabling you to focus more on your core business
• Protects your information assets from a wide range of cyber threats, criminal activity, insider compromise, and system failure
• Manage your risks systematically and establish plans to eliminate or reduce cyber threats
• Enables earlier detection of threats or processing errors, and faster resolution

Next step to certification?

You can arrange for an independent audit of your ISMS against the specifications of ISO 27001 and, if your ISMS conforms, eventually achieve accredited certification. ISO 27001 certification can assist with your compliance to other required and voluntary state regulations such as the NYDFS Cybersecuirty Regulations, the CCPA, and the NIST Cybersecurity Framework. We publish a range of ISMS documentation toolkits and books, to help you achieve compliance. View our full ISO 27001 range.

Contents

About the Author

Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors.

Customer reviews