Nine Steps to Success - Alan Calder

Nine Steps to Success

An ISO 27001 Implementation Overview

(Author)

Book | Softcover
115 pages
2006
IT Governance Publishing (Publisher)
978-1-905356-12-6 (ISBN)
31,10 incl. VAT
A newer edition of this item exists.
ISO 27001:2005 replaced the information security standard BS7799-2 from October 2005. This book offers practical guidance on achieving ISO 27001 certification. It shows how to get management and board buy-in; how to get cross-organizational, cross-functional buy-in; the gap analysis ('how much do you really need to do?'); and more.
This book is the ideal guide for anyone tackling, or about to tackle, ISO27001 for the first time. It gives a clear overview of:
  • how to get management and board buy-in;
  • how to get cross-organizational, cross-functional buy-in;
  • the gap analysis: how much do you really need to do?
  • the relationship between ISO27001 and ISO17799;
  • how to integrate with ISO9001 and other management systems;
  • how to structure and resource your project;
  • use consultants or do it yourself?
  • the PDCA cycle;
  • the timetable and project plan;
  • risk assessment methodologies and tools;
  • the documentation challenges;
  • how to choose a certification body;
  • and much more.

Alan Calder is the founder director of IT Governance Ltd (www.itgovernance.co.uk), an information, advice and consultancy firm that helps company boards tackle governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. The company operates a website that distributes a range of books, tools and other publications on governance, risk management, compliance and information security.

CONTENTS

INTRODUCTION

CHAPTER 1: INITIAL APPROACH
  • Information risk and regulatory risk
  • The 'fear list'
  • ISO27001/ISO17799
  • Background to the standard
  • ISO/IEC 17799
  • Links to other standards

CHAPTER 2: MANAGEMENT SUPPORT
  • Strategic alignment
  • Prioritization and endorsement
  • Change management
  • The CEO's role
  • The CEO's commitment
  • Senior management support

CHAPTER 3: SCOPING
  • Endpoint security
  • Defining boundaries
  • Phased approach
  • Network mapping
  • Cutting corners

CHAPTER 4: PLANNING
  • Structured approach to implementation
  • Plan
  • Do
  • Check
  • Act
  • Integration with existing security management systems
  • Gap Analysis
  • Quality system integration
  • Project management
  • Project team chair
  • Project plan
  • Costs and project monitoring
  • Consultants
  • Information security manager
  • Specialist information security advice
  • Functional specialists

CHAPTER 5: COMMUNICATION
  • Staff buy-in
  • Information security policy

CHAPTER 6: RISK ASSESSMENT
  • Introduction to risk management
  • Risk assessment
  • Who conducts the risk assessment?
  • Risk analysis
  • Threats
  • Vulnerabilities
  • Impacts
  • Controls
  • Risk assessment tools

CHAPTER 7: CONTROL SELECTION
  • Nature of controls
  • Control selection criteria
  • Statement of applicability

CHAPTER 8: DOCUMENTATION
  • Four levels of documentation
  • Documentation approaches
  • Trial and error
  • External expertise
  • Third party Documentation Toolkit plus guidance

CHAPTER 9: TESTING

CHAPTER 10: SUCCESSFUL CERTIFICATION

USEFUL WEBSITES

Publication date (per publisher): 1.1.2006
Place of publication: Ely
Language: English
Dimensions: 140 x 216 mm
Weight: 162 g
Subject areas: Computer Science / Networks / Security / Firewall
Computer Science / Theory / Studies / Cryptology
Business / Business Administration / Management / Corporate Governance / Management
ISBN-10: 1-905356-12-9 / 1905356129
ISBN-13: 978-1-905356-12-6 / 9781905356126
Condition: New