Calder, Alan, 1957-

Nine steps to success : an ISO 27001:2013 implementation overview / Alan Calder. - Third edition. - 1 online resource. - JSTOR eBooks .

Includes bibliographical references.

Cover; Title; Copyright; Contents; Introduction; The ISO 27000 family; Before you start; Chapter 1: Project Mandate; Strategic alignment; Prioritisation and endorsement; Change management; The CEO's role; The Project Mandate; Chapter 2: Project Initiation; Objectives; Project management; Project leadership; Senior management support; Project team; Project plan; Structured approach to implementation; Phased approach; The project plan; Integration with existing security management systems; Quality system integration; Looking ahead; Costs and project monitoring; Risk register Chapter 3: ISMS InitiationContinual improvement; Security improvement plan; Expanding the RACI matrix; Documentation; Four levels of documentation; Documentation approaches; Chapter 4: Management Framework; Scoping; Endpoint security; Defining boundaries; Network mapping; Cutting corners; Formalise key arrangements; Information security policy; Communication strategy; Staff buy-in; Chapter 5: Baseline Security Criteria; Chapter 6: Risk Management; Introduction to risk management; Baseline security controls; Risk assessment; Five-step risk assessment process; Risk workshop; Impacts; Controls Risk assessment toolsControls; Nature of controls; Control selection criteria; Statement of applicability; Risk treatment plan; Chapter 7: Implementation; Competencies; The 'all persons' requirement; Staff awareness; Outsourced processes; Chapter 8: Measure, Monitor and Review; Internal audit, and testing; Management review; Chapter 9: Certification; ISO 27001 Resources; ISO 27001:2013 ISMS Documentation Toolkit; vsRisk™; (UK) IT Legal Compliance Database; ISO 27001 staff awareness e-learning; ISO27001 Do It Yourself packaged consultancy; ISO 27001 Get A Little Help packaged consultancy ISO 27001 Get A Lot Of Help packaged consultancyISO 27001 bespoke consultancy; ISO 27001 Certified ISMS Lead Implementer Training Course; ISO 27001 Certified ISMS Lead Auditor Training Course; ISO 27005 Certified Risk Management Training Course; ITG Resources

9781849288248 1849288240

22573/ctt1bkhpf6 JSTOR


Computer security--Management.
Computer security--Standards.
Data protection--Standards.


Electronic books.

HF5548.37 / .C352 2016

005.8