ISO/IEC 27001:2022: An Introduction to Information Security and the ISMS Standard

  • 1h 53s
  • Steve G Watkins
  • IT Governance
  • 2023

Get up to speed with the ISO 27001:2022 updates and keep your information secure

Written by an acknowledged expert on the ISO/IEC 27001 standard, ISO/IEC 27001:2022 – An introduction to information security and the ISMS standard is an ideal primer for anyone implementing an ISMS aligned to ISO 27001:2022.

This must-have resource gives a clear, concise and easy-to-read introduction to information security, providing guidance to ensure the management systems you put in place are effective, reliable and auditable.

This pocket guide will help you to:

1. Make informed decisions

Enables key employees to make better decisions before embarking on an information security project.

2. Ensure everyone is up to speed

Gives the non-specialists on the project board and in the project team a clearer understanding of what an ISMS involves, reflecting ISO 27001:2022.

3. Raise awareness among staff

Ensures that your staff know what is at stake with regard to information security and understand what is expected of them.

4. Enhance your competitiveness

Gives you confidence to begin your ISO 27001:2022 implementation journey and let your customers know that the information you hold about them is managed and protected appropriately.

About the Author

Steve Watkins is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.

Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He chairs the UK national committee (IST 33) that mirrors SC 27, and is the Chair of the UK ISO/IEC 27001 User Group.

He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.

In this Audiobook

  • Introduction
  • Chapter 1 - Information Security – What’s That?
  • Chapter 2 - It’s Not IT
  • Chapter 3 - ISO 27001 and the Management System Requirements
  • Chapter 4 - Legal, Regulatory and Contractual Requirements and Business Risk
  • Chapter 5 - Information Security Controls
  • Chapter 6 - Certification
  • Chapter 7 - Signposting
  • Further Reading