Nine Steps to Success: North American edition: An ISO 27001 Implementation Overview
By Alan Calder
About this ebook
Resilience to cyber attacks requires an organization to defend itself across all of its attack surface: people, processes, and technology. ISO 27001 is the international standard that sets out the requirements of an information security management system (ISMS) – a holistic approach to information security that encompasses people, processes, and technology.
Accredited certification to the Standard is recognized worldwide as the hallmark of best-practice information security management.
Achieving and maintaining accredited certification to ISO 27001 can be complicated, especially for those who are new to the Standard.
Author of Nine Steps to Success – An ISO 27001 Implementation Overview, Alan Calder is the founder and executive chairman of IT Governance. He led the world’s first implementation of a management system certified to BS 7799, the forerunner to ISO 27001, and has been working with the Standard ever since.
Hundreds of organizations around the world have achieved accredited certification to ISO 27001 with IT Governance’s guidance, which is distilled in this book.
Successfully implement ISO 27001 with this must-have guide
Aligned with the latest iteration of ISO 27001:2013, the North American edition of Nine Steps to Success – An ISO 27001 Implementation Overview is ideal for anyone tackling ISO 27001 for the first time. In nine critical steps, the guide covers each element of the ISO 27001 project in simple, non-technical language. There is a special focus on how US organizations can tackle this governance.
This book offers guidance throughout implementation:
- Getting management support and keeping the board’s attention.
- Creating a management framework and performing a gap analysis so that you can clearly understand the controls you already have in place, and identify where you need to focus.
- Structuring and resourcing your project, including advice on whether to use a consultant or do it yourself, and examining the tools and resources that will make your job easier.
- Conducting a five-step risk assessment, and creating a Statement of Applicability (SoA) and risk treatment plan (RTP).
- Guidance on integrating your ISO 27001 ISMS with an ISO 9001 quality management system (QMS) and other management systems.
- Addressing the documentation challenges you’ll face as you create business policies, procedures, work instructions, and records – including viable alternatives to a costly trial-and-error approach.
- Continual improvement of your ISMS, including internal auditing and testing, and management review.
- The six secrets to certification success.
If you’re tackling ISO 27001 for the first time, Nine Steps to Success – An ISO 27001 Implementation Overview will give you the guidance you need to understand the Standard’s requirements and ensure your implementation project is a success – from inception to certification.
About the author
Alan Calder, the founder and executive chairman of IT Governance Ltd, is an internationally acknowledged cybersecurity expert, and a leading author on information security and IT governance issues. He co-wrote the definitive compliance guide IT Governance: An International Guide to Data Security and ISO27001/ISO27002, which is the basis for the UK Open University’s postgraduate course on information security, and has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). Alan has consulted on data security for numerous clients all over the world, and is a regular media commentator and speaker.
Alan Calder
Alan Calder is a leading author on IT governance and information security issues. He is the CEO of GRC International Group plc, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cyber security guru. He has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He is a frequent media commentator on information security and IT governance issues, and has contributed articles and expert comment to a wide range of trade, national and online news outlets.