Information is one of your organisation’s most important resources. Keeping that information secure is therefore vital to your business. This handy pocket guide is an essential overview of two key information security standards that cover the formal requirements (ISO27001:2013) for creating an Information Security Management System (ISMS), and the best-practice recommendations (ISO27002:2013) for those responsible for initiating, implementing or maintaining it.

• Cover
• Title
• Copyright
• Foreword
• About the Author
• Acknowledgements
• Contents
• Introduction
• Chapter 1: The ISO/IEC 27000 Family of Information Security Standards
• Chapter 2: Background to the Standards
• Chapter 3: Specification vs Code of Practice
• Chapter 4: Certification Process
• Chapter 5: The ISMS and ISO27001
• Chapter 6: Overview of ISO/IEC 27001:2013
• Chapter 7: Overview of ISO/IEC 27002:2013
• Chapter 8: Documentation and Records
• Chapter 9: Management Responsibility
• Chapter 10: Process Approach and the PDCA Cycle
• Chapter 11: Context, Policy and Scope
• Chapter 12: Risk Assessment
• Chapter 13: The Statement of Applicability (SoA)
• Chapter 14: Implementation
• Chapter 15: Check and Act
• Chapter 16: Management Review
• Chapter 17: ISO27001 Annex A
• ITG Resources