وبلاگ بلیان

How to Achieve 27001 Certification : An Example of Applied Compliance Management

جلد کتاب How to Achieve 27001 Certification : An Example of Applied Compliance Management

معرفی کتاب «How to Achieve 27001 Certification : An Example of Applied Compliance Management» نوشتهٔ Sigurjon Thor Arnason, Keith D. Willett، منتشرشده توسط نشر Auerbach Publications در سال 2007. این کتاب در 352 صفحه، فرمت pdf، زبان انگلیسی ارائه شده است.

The security criteria of the International Standards Organization (ISO) provides an excellent foundation for identifying and addressing business risks through a disciplined security management process. Using security standards ISO 17799 and ISO 27001 as a basis, How to Achieve 27001 Certification: An Example of Applied Compliance Management helps an organization align its security and organizational goals so it can generate effective security, compliance, and management programs. The authors offer insight from their own experiences, providing questions and answers to determine an organization's information security strengths and weaknesses with respect to the standard. They also present step-by-step information to help an organization plan an implementation, as well as prepare for certification and audit. Security is no longer a luxury for an organization, it is a legislative mandate. A formal methodology that helps an organization define and execute an ISMS is essential in order to perform and prove due diligence in upholding stakeholder interests and legislative compliance. Providing a good starting point for novices, as well as finely tuned nuances for seasoned security professionals, this book is an invaluable resource for anyone involved with meeting an organization's security, certification, and compliance needs. ISBN-13: 9780849336485 Contents 6 Preface 12 Introduction 14 Chapter 1. Introduction to International Standards Organization Security Standards 22 Chapter 2. Information Security Management System 34 Chapter 3. Foundational Concepts and Tools for an Information Security Management System 40 Chapter 4. Implemeenting an Information Security Management System-Plan-Do-Check-Act 118 Chapter 5. Audit and Certification 184 Chapter 6. Compliance Management 194 Appendix A: ISMS Assessment Discovery Question Set 234 Appendix B: Sample Statement of Applicability 278 Appendix C: PDCA Guideline Documents-Outlines 290 Appendix D: Policy, Standard, and Procedure Sample Templates 294 Appendix E: ISMS Policy and Risk Treatment Templates 302 Appendix F: Project Definition Template 310 Useful Bits of Knowledge* 316 Glossary 322 References 328 Index 330 Back cover 348 * Hardcover: 352 pages * Publisher: Auerbach (Nov 28,2007) * Language: English * ISBN-10: 0849336481 * Hardcover: 352 pages,* Publisher: Auerbach (Nov 28,2007),* Language: English,* ISBN-10: 0849336481 "The security criteria of the International Standards Organization (ISO) provides an excellent foundation for identifying and addressing business risks through a disciplined security management process. Using security standards ISO 27002 (formerly ISO 17799) and ISO 27001 as a basis, How to Achieve 27001 Certification; An Example of Applied Compliance Management helps an organization align its security and organizational goals so it can generate effective security, compliance, and management programs." "The authors offer insight from their own experiences, providing questions and answers to determine an organization's information security strengths and weaknesses with respect to the standard. They also present step-by-step information to help an organization plan an implementation, as well as prepare for certification and audit."--Jacket
دانلود کتاب How to Achieve 27001 Certification : An Example of Applied Compliance Management