
Nine steps to success : an ISO 27001:2013 implementation overview / Alan Calder.

By: Calder, Alan, 1957- [author.].
Material type: Text
Series: JSTOR eBooks.
Publisher: Ely, Cambridgeshire, United Kingdom : IT Governance Publishing, 2016
Edition: Third edition.
Description: 1 online resource.
Content type: text
Media type: computer
Carrier type: online resource
ISBN: 9781849288248; 1849288240.
Subject(s): Computer security -- Management | Computer security -- Standards | Data protection -- Standards
Genre/Form: Electronic books.
Additional physical formats: Print version: Nine Steps to Success : An ISO27001: 2013 Implementation Overview
DDC classification: 005.8
LOC classification: HF5548.37 | .C352 2016
Online resources: Click here to view this ebook.
Contents:
Cover; Title; Copyright; Contents; Introduction; The ISO 27000 family; Before you start; Chapter 1: Project Mandate; Strategic alignment; Prioritisation and endorsement; Change management; The CEO's role; The Project Mandate; Chapter 2: Project Initiation; Objectives; Project management; Project leadership; Senior management support; Project team; Project plan; Structured approach to implementation; Phased approach; The project plan; Integration with existing security management systems; Quality system integration; Looking ahead; Costs and project monitoring; Risk register; Chapter 3: ISMS Initiation; Continual improvement; Security improvement plan; Expanding the RACI matrix; Documentation; Four levels of documentation; Documentation approaches; Chapter 4: Management Framework; Scoping; Endpoint security; Defining boundaries; Network mapping; Cutting corners; Formalise key arrangements; Information security policy; Communication strategy; Staff buy-in; Chapter 5: Baseline Security Criteria; Chapter 6: Risk Management; Introduction to risk management; Baseline security controls; Risk assessment; Five-step risk assessment process; Risk workshop; Impacts; Controls; Risk assessment tools; Controls; Nature of controls; Control selection criteria; Statement of applicability; Risk treatment plan; Chapter 7: Implementation; Competencies; The 'all persons' requirement; Staff awareness; Outsourced processes; Chapter 8: Measure, Monitor and Review; Internal audit, and testing; Management review; Chapter 9: Certification; ISO 27001 Resources; ISO 27001:2013 ISMS Documentation Toolkit; vsRisk™; (UK) IT Legal Compliance Database; ISO 27001 staff awareness e-learning; ISO27001 Do It Yourself packaged consultancy; ISO 27001 Get A Little Help packaged consultancy; ISO 27001 Get A Lot Of Help packaged consultancy; ISO 27001 bespoke consultancy; ISO 27001 Certified ISMS Lead Implementer Training Course; ISO 27001 Certified ISMS Lead Auditor Training Course; ISO 27005 Certified Risk Management Training Course; ITG Resources
Item type: Electronic Book
Current location: UT Tyler Online
Call number: HF5548.37 .C352 2016
URL: https://ezproxy.uttyler.edu/login?url=http://www.jstor.org/stable/10.2307/j.ctt1bj4t1k
Status: Available
Barcode: ocn949716876

Includes bibliographical references.

PDF (JSTOR, viewed May 12, 2016).
