Part 3: Escape from Chaos

In this section, you will gain a clear view of what is needed, in terms of the general principles, to get the work done.

This part of the book comprises the following chapters:

• Chapter 6, Define ISO 27001 Mandatory Requirements
• Chapter 7, Risk Management, Controls, and Policies
• Chapter 8, Preparing Policies and Procedures to Avoid Internal Risk
• Chapter 9, Social Engineering, Password Guidance, and Policy
• Chapter 10, The Cloud
• Chapter 11, What about the US?