An Introduction to Information Security and ISO 27001:2013, Second Edition
- Steve G. Watkins
- IT Governance
Written by an acknowledged expert on the new ISO27001 standard, An Introduction to information security and ISO27001:2013 is the ideal resource for anyone wanting a clear, concise and easy-to-read primer on information security. It will ensure the systems you put in place are effective, reliable and auditable. This pocket guide will help you to:
- Make informed decisions.
- Use this guide and enable the key people in your organization to make better decisions before embarking on an information security project.
- Ensure everyone is up to speed.
- Use this guide to give the non-specialists on the project board and in the project team a clearer understanding of what the project involves.
- Raise awareness among staff.
- Use this guide to make sure your people know what is at stake with regard to information security and understand what is expected of them.
- Enhance your competitiveness.
Use this guide to let your customers know that the information you hold about them is managed and protected appropriately. Read this pocket guide and learn how you can keep your information assets secure.
About the Author
Steve G Watkins managed the world's first successful BS7799 (the forerunner of ISO27001) implementation project and leads the consultancy and training services of IT Governance. He is Chair of the ISO/IEC 27001 User Group, the UK Chapter of the ISMS International User Group, and an ISMS Technical Assessor for UKAS, advising on their assessments of certification bodies offering accredited certification. He has over 20 years' experience of managing integrated management systems, including maintenance of Information Security, Quality, Environmental and Investor in People certifications. His experience includes senior management positions in both the public and private sector.
In this Book
An Introduction to Information Security and ISO27001—2013, Second Edition
Information Security – What’s That?
It’s Not IT
ISO27001 and the Management System Requirements
Legal, Regulatory and Contractual Requirements and Business Risk
Information Security Controls