An ISO 27001/27002 handbook: a practitioner's guide to ISO 27001/02 implementation and auditing
Main authors: | , |
---|---|
Format: | Book |
Language: | eng |
Subjects: | |
Online access: | Full text |
Summary:

Understand information security controls to secure your organization's digital information assets.

Key Features:
- Understand the key principles and terminologies of ISO 27001/27002
- Grasp knowledge to implement these standards in your organization
- Leverage knowledge learned to audit the systems for ISO 27001/27002

Book Description:

ISO 27001 and ISO 27002 are the globally recognized standards for Information Security Management Systems (ISMS). These standards provide a robust framework to protect information that can be adapted to all types and sizes of organizations. Organizations that have significant exposure to information-security-related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book is for people who work to get information systems certified by an accredited certification body.

This book starts by introducing the standard and taking you through its different principles and terminologies. Once you completely understand these standards, we will dive into the implementation part, where you learn how to implement these standards in organizations of different sizes. There will be case studies that will help you understand how to implement it for your organization. Finally, you will learn to audit for ISO 27001/27002.

By the end of the book, you will have gained an understanding of ISO 27001/27002 and you will be ready to implement and audit for these standards.

What you will learn:
- Learn the Foundation of Information Security
- Grasp ISO 27001/27002 standards
- Understand interpretation of ISO 27001/02 control requirements
- Discover risk management strategies
- Implement and maintain ISO 27001
- Perform an audit based on ISO 27001

Who This Book Is For:

This book is for information security managers, information security consultants and auditors, information security officers, information security risk specialists, managers and business owners, and people involved in the implementation and administration of information security management systems according to ISO/IEC 27001.

Table of Contents:
- Foundations, Standards, and Principles of Information Security
- Introduction to ISO 27001
- ISO 27001/02 and Control Objectives
- Risk Assessment and Risk Management
- ISMS Development Stages
- Information Security Incident Management
- Case Studies
- Audit Principles, Concepts, and Planning
- Performing an Audit
- Audit Reporting
- Strategies for Continual Improvement
- Case Studies