Nine Steps to Success: An ISO27001:2013 implementation overview
Author: Alan Calder
Release Date: 2016/05/01
ISBN: 9781849288255
Topic: Security
Book Description
In Nine Steps to Success – An ISO 27001 Implementation Overview, Alan provides a comprehensive overview of how to lead a successful ISO 27001-compliant ISMS implementation in just nine steps.
Table of Contents
Cover
Title
Copyright
Contents
Introduction
The ISO 27000 family
Before you start
Chapter 1: Project Mandate
Strategic alignment
Prioritisation and endorsement
Change management
The CEO’s role
The Project Mandate
Chapter 2: Project Initiation
Objectives
Project management
Project leadership
Senior management support
Project team
Project plan
Structured approach to implementation
Phased approach
The project plan
Integration with existing security management systems
Quality system integration
Looking ahead
Costs and project monitoring
Risk register
Chapter 3: ISMS Initiation
Continual improvement
Security improvement plan
Expanding the RACI matrix
Documentation
Four levels of documentation
Documentation approaches
Chapter 4: Management Framework
Scoping
Endpoint security
Defining boundaries
Network mapping
Cutting corners
Formalise key arrangements
Information security policy
Communication strategy
Staff buy-in
Chapter 5: Baseline Security Criteria
Chapter 6: Risk Management
Introduction to risk management
Baseline security controls
Risk assessment
Five-step risk assessment process
Risk workshop
Impacts
Controls
Risk assessment tools
Controls
Nature of controls
Control selection criteria
Statement of applicability
Risk treatment plan
Chapter 7: Implementation
Competencies
The ‘all persons’ requirement
Staff awareness
Outsourced processes
Chapter 8: Measure, Monitor and Review
Internal audit, and testing
Management review
Chapter 9: Certification
ISO 27001 Resources
ISO 27001:2013 ISMS Documentation Toolkit
vsRisk™
(UK) IT Legal Compliance Database
ISO 27001 staff awareness e-learning
ISO27001 Do It Yourself packaged consultancy
ISO 27001 Get A Little Help packaged consultancy
ISO 27001 Get A Lot Of Help packaged consultancy
ISO 27001 bespoke consultancy
ISO 27001 Certified ISMS Lead Implementer Training Course
ISO 27001 Certified ISMS Lead Auditor Training Course
ISO 27005 Certified Risk Management Training Course
ITG Resources