The Case for ISO27001-2013, Second Edition

  • 1h 4m
  • Alan Calder
  • IT Governance
  • 2013

What do you do to keep your business information secure?

Information and information systems are vital to every organisation. Our reliance on data and information, and the ease with which they can be shared, mean that everyone is at risk of cyber attack from hackers, viruses, online fraudsters, malicious insiders, or even from simple human error.

Manage cyber threat

To counter these threats, you have to identify the real information risks your business faces and then find the most appropriate way to mitigate them. Adopting the ISO27001 Standard will give your organisation a reliable framework for creating an information security management system.

The business case for investing in information security

This friendly guide, updated to reflect ISO27001:2013, presents the compelling business case for implementing ISO27001 in order to protect your information assets. This makes it ideal both as reading for anyone unfamiliar with the many benefits of the standard and as a supporting document for an ISO27001 project proposal.

Understand ISO27001 and learn how your organisation can:

  • Fight cybercrime - Introducing the ISO 27001 information security management system will help protect your business from the threat of organised crime.
  • Combat cyber-terror - Terrorist organisations now work with computers as well as explosives. Introducing an information security management system makes it easier to defend your company from a destructive cyber-attack.
  • Improve your corporate governance - Reducing your company’s financial exposure to the risk of losses resulting from IT system failure is now a corporate governance requirement. ISO 27001 will help you to comply.
  • Recover from accidents - With ISO 27001, you can minimise the risk that your information will be lost or corrupted as a result of human error.

Read this book to learn how ISO27001 secures your information assets and protects your business.

About the Author

Alan Calder is the founder and Executive Chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors.

The company distributes a range of books, tools and other publications on governance, risk management, compliance and information security through its website.

Some of the material in this book has appeared elsewhere in books and articles by Alan Calder; this is the first time that all the material germane to the Case for ISO27001:2013 has been gathered together in one place, re-purposed and expanded.

In this Book

  • The Case for ISO27001-2013, Second Edition
  • Introduction
  • Information Economy, Intellectual Capital
  • Information, IT and Competitiveness
  • Information Threats
  • Insecurity Impacts
  • ‘Traditional’ Threats
  • Information Risk in Large Organisations
  • Organised Crime
  • Terrorism
  • Evolving Threat Environment
  • Regulatory Compliance
  • Data Protection and Privacy
  • Anti-Spam Legislation
  • Computer Misuse Legislation
  • Human Rights
  • Record Retention and Destruction
  • Information Security Governance
  • Benefits of an ISO27001 ISMS
  • ISO27001 in the Public Sector
  • Is ISO27001 For You?
  • How Do You Go About ISO27001?
  • Selection of a Certification Body
  • Appendix: ISO27001 – Past, Present and Future
  • Useful Websites

