Implementing an Information Security Management System: Security Management Based on ISO 27001 Guidelines

  • 3h 51m
  • Abhishek Chopra, Mukund Chaudhary
  • Apress
  • 2020

Discover the simple steps to implementing information security standards using ISO 27001, the most popular information security standard across the world. You’ll see how it offers best practices to be followed, including the roles of all the stakeholders at the time of security framework implementation, post-implementation, and during monitoring of the implemented controls. Implementing an Information Security Management System provides implementation guidelines for ISO 27001:2013 to protect your information assets and ensure a safer enterprise environment.

This book is a step-by-step guide on implementing secure ISMS for your organization. It will change the way you interpret and implement information security in your work area or organization.

What You Will Learn

  • Discover information safeguard methods
  • Implement end-to-end information security
  • Manage risk associated with information security
  • Prepare for audit with associated roles and responsibilities
  • Identify your information risk
  • Protect your information assets

Who This Book Is For

Security professionals who implement and manage a security framework or security controls within their organization. This book can also be used by developers with a basic knowledge of security concepts to gain a strong understanding of security standards for an enterprise.

About the Authors

Abhishek is a quality professional with more than 13 years of experience implementing CMMi, ISO 9001, ITIL, and ISO 27001. He holds a black belt in Lean Six Sigma and is also a certified ISO 27001 Lead Auditor.

Mukund is a certified project management professional with more than a decade of experience in managing international projects, internal audits, CMMI, and ISO 27001. In his leisure time, he can be found reading articles on and exploring emerging technologies.

In this Book

  • The Need for Information Security
  • Assessing Needs and Scope
  • Project Kick-Off
  • Initial Risk Assessment
  • Risk Management Approach
  • Execution
  • Internal Audit
  • Management Review
  • External Audit
  • Continual Improvement


Rating 4.6 of 5 users Rating 4.6 of 5 users (5)
Rating 4.4 of 17 users Rating 4.4 of 17 users (17)