Edition
Third edition.
Description
1 online resource
Bibliography
Includes bibliographical references.
Note
PDF (JSTOR, viewed May 12, 2016).
Contents
Cover; Title; Copyright; Contents; Introduction; The ISO 27000 family; Before you start; Chapter 1: Project Mandate; Strategic alignment; Prioritisation and endorsement; Change management; The CEO's role; The Project Mandate; Chapter 2: Project Initiation; Objectives; Project management; Project leadership; Senior management support; Project team; Project plan; Structured approach to implementation; Phased approach; The project plan; Integration with existing security management systems; Quality system integration; Looking ahead; Costs and project monitoring; Risk register.
Chapter 3: ISMS Initiation; Continual improvement; Security improvement plan; Expanding the RACI matrix; Documentation; Four levels of documentation; Documentation approaches; Chapter 4: Management Framework; Scoping; Endpoint security; Defining boundaries; Network mapping; Cutting corners; Formalise key arrangements; Information security policy; Communication strategy; Staff buy-in; Chapter 5: Baseline Security Criteria; Chapter 6: Risk Management; Introduction to risk management; Baseline security controls; Risk assessment; Five-step risk assessment process; Risk workshop; Impacts; Controls.
Risk assessment tools; Controls; Nature of controls; Control selection criteria; Statement of applicability; Risk treatment plan; Chapter 7: Implementation; Competencies; The 'all persons' requirement; Staff awareness; Outsourced processes; Chapter 8: Measure, Monitor and Review; Internal audit, and testing; Management review; Chapter 9: Certification; ISO 27001 Resources; ISO 27001:2013 ISMS Documentation Toolkit; vsRisk (UK) IT Legal Compliance Database; ISO 27001 staff awareness e-learning; ISO27001 Do It Yourself packaged consultancy; ISO 27001 Get A Little Help packaged consultancy.
ISO 27001 Get A Lot Of Help packaged consultancy; ISO 27001 bespoke consultancy; ISO 27001 Certified ISMS Lead Implementer Training Course; ISO 27001 Certified ISMS Lead Auditor Training Course; ISO 27005 Certified Risk Management Training Course; ITG Resources.
Summary
Providing a comprehensive overview of how to lead a successful ISO27001-compliant ISMS implementation in just nine steps, this no-nonsense guide is ideal for anyone tackling ISO27001 for the first time, and covers each element of the ISO27001 project in simple, non-technical language. -- Edited summary from book.
Subject
Computer security -- Management.
Computer security -- Standards.
Data protection -- Standards.
COMPUTERS -- Internet -- Security.
COMPUTERS -- Networking -- Security.
COMPUTERS -- Security -- General.
Computer security -- Management. (OCoLC)fst00872493
Computer security -- Standards. (OCoLC)fst00872495
Data protection -- Standards. (OCoLC)fst00887972
Other Form:
Print version: Calder, Alan. Nine Steps to Success: An ISO27001:2013 Implementation Overview. Ely: IT Governance Publishing, ©2016. 9781849288231
ISBN
9781849288248 (electronic bk.)
1849288240 (electronic bk.)