Nine steps to success : an ISO 27001:2013 implementation overview / Alan Calder.
Material type: Text
Series: JSTOR eBooks.
Publisher: Ely, Cambridgeshire, United Kingdom : IT Governance Publishing, 2016
Edition: Third edition.
Description: 1 online resource.
Content type: text
Media type: computer
Carrier type: online resource
ISBN: 9781849288248; 1849288240.
Subject(s): Computer security -- Management | Computer security -- Standards | Data protection -- Standards
Genre/Form: Electronic books.
Additional physical formats: Print version: Nine Steps to Success : An ISO27001: 2013 Implementation Overview
DDC classification: 005.8
LOC classification: HF5548.37 | .C352 2016
| Item type | Current location | Call number | URL | Status | Date due | Barcode |
|---|---|---|---|---|---|---|
| Electronic Book | UT Tyler Online Online | HF5548.37 .C352 2016 | https://ezproxy.uttyler.edu/login?url=http://www.jstor.org/stable/10.2307/j.ctt1bj4t1k | Available | | ocn949716876 |
Includes bibliographical references.
PDF (JSTOR, viewed May 12, 2016).
Cover; Title; Copyright; Contents; Introduction; The ISO 27000 family; Before you start; Chapter 1: Project Mandate; Strategic alignment; Prioritisation and endorsement; Change management; The CEO's role; The Project Mandate; Chapter 2: Project Initiation; Objectives; Project management; Project leadership; Senior management support; Project team; Project plan; Structured approach to implementation; Phased approach; The project plan; Integration with existing security management systems; Quality system integration; Looking ahead; Costs and project monitoring; Risk register
Chapter 3: ISMS Initiation; Continual improvement; Security improvement plan; Expanding the RACI matrix; Documentation; Four levels of documentation; Documentation approaches; Chapter 4: Management Framework; Scoping; Endpoint security; Defining boundaries; Network mapping; Cutting corners; Formalise key arrangements; Information security policy; Communication strategy; Staff buy-in; Chapter 5: Baseline Security Criteria; Chapter 6: Risk Management; Introduction to risk management; Baseline security controls; Risk assessment; Five-step risk assessment process; Risk workshop; Impacts; Controls
Risk assessment tools; Controls; Nature of controls; Control selection criteria; Statement of applicability; Risk treatment plan; Chapter 7: Implementation; Competencies; The 'all persons' requirement; Staff awareness; Outsourced processes; Chapter 8: Measure, Monitor and Review; Internal audit, and testing; Management review; Chapter 9: Certification; ISO 27001 Resources; ISO 27001:2013 ISMS Documentation Toolkit; vsRisk™; (UK) IT Legal Compliance Database; ISO 27001 staff awareness e-learning; ISO27001 Do It Yourself packaged consultancy; ISO 27001 Get A Little Help packaged consultancy
ISO 27001 Get A Lot Of Help packaged consultancy; ISO 27001 bespoke consultancy; ISO 27001 Certified ISMS Lead Implementer Training Course; ISO 27001 Certified ISMS Lead Auditor Training Course; ISO 27005 Certified Risk Management Training Course; ITG Resources