Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance
Strengthen your ability to implement, assess, evaluate, and enhance the effectiveness of information security controls based on ISO/IEC 27001/27002:2022 standards Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Familiarize yourself with the clauses and control references of ISO/IEC 27001:2022
  • Define and implement an information security management system aligned with ISO/IEC 27001/27002:2022
  • Conduct management system audits to evaluate their effectiveness and adherence to ISO/IEC 27001/27002:2022

Book Description

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body. The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001. By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.

What you will learn

  • Develop a strong understanding of the core principles underlying information security
  • Gain insights into the interpretation of control requirements in the ISO 27001/27002:2022 standard
  • Understand the various components of ISMS with practical examples and case studies
  • Explore risk management strategies and techniques
  • Develop an audit plan that outlines the scope, objectives, and schedule of the audit
  • Explore real-world case studies that illustrate successful implementation approaches

Who this book is for

This book is for information security professionals, including information security managers, consultants, auditors, officers, risk specialists, business owners, and individuals responsible for implementing, auditing, and administering information security management systems. Basic knowledge of organization-level information security management, such as risk assessment, security controls, and auditing, will help you grasp the topics in this book easily.

1143798142
Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance
Strengthen your ability to implement, assess, evaluate, and enhance the effectiveness of information security controls based on ISO/IEC 27001/27002:2022 standards Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Familiarize yourself with the clauses and control references of ISO/IEC 27001:2022
  • Define and implement an information security management system aligned with ISO/IEC 27001/27002:2022
  • Conduct management system audits to evaluate their effectiveness and adherence to ISO/IEC 27001/27002:2022

Book Description

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body. The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001. By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.

What you will learn

  • Develop a strong understanding of the core principles underlying information security
  • Gain insights into the interpretation of control requirements in the ISO 27001/27002:2022 standard
  • Understand the various components of ISMS with practical examples and case studies
  • Explore risk management strategies and techniques
  • Develop an audit plan that outlines the scope, objectives, and schedule of the audit
  • Explore real-world case studies that illustrate successful implementation approaches

Who this book is for

This book is for information security professionals, including information security managers, consultants, auditors, officers, risk specialists, business owners, and individuals responsible for implementing, auditing, and administering information security management systems. Basic knowledge of organization-level information security management, such as risk assessment, security controls, and auditing, will help you grasp the topics in this book easily.

39.99 In Stock
Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance

Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance

Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance

Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance

Overview

Strengthen your ability to implement, assess, evaluate, and enhance the effectiveness of information security controls based on ISO/IEC 27001/27002:2022 standards Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Familiarize yourself with the clauses and control references of ISO/IEC 27001:2022
  • Define and implement an information security management system aligned with ISO/IEC 27001/27002:2022
  • Conduct management system audits to evaluate their effectiveness and adherence to ISO/IEC 27001/27002:2022

Book Description

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body. The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001. By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.

What you will learn

  • Develop a strong understanding of the core principles underlying information security
  • Gain insights into the interpretation of control requirements in the ISO 27001/27002:2022 standard
  • Understand the various components of ISMS with practical examples and case studies
  • Explore risk management strategies and techniques
  • Develop an audit plan that outlines the scope, objectives, and schedule of the audit
  • Explore real-world case studies that illustrate successful implementation approaches

Who this book is for

This book is for information security professionals, including information security managers, consultants, auditors, officers, risk specialists, business owners, and individuals responsible for implementing, auditing, and administering information security management systems. Basic knowledge of organization-level information security management, such as risk assessment, security controls, and auditing, will help you grasp the topics in this book easily.

Product Details

ISBN-13: 9781803231174
Publisher: Packt Publishing
Publication date: 08/11/2023
Pages: 236
Product dimensions: 7.50(w) x 9.25(h) x 0.50(d)

About the Author

Adarsh Nair is the global head of information security at UST. He is a recognized information security strategist, author, and keynote speaker. Adarsh holds the title of Fellow of Information Privacy (FIP) by IAPP and is a Google Hall of Fame honoree. He serves as co-chair of OWASP Kerala Chapter, an IAPP exam development board member, and an EC-Council advisory board member. With a decade of experience, Adarsh specializes in information security governance, risk and compliance, business continuity, data privacy, ethical hacking, and threat identification and mitigation. He maintains expertise through memberships, training, and certifications, including CISSP, CIPM, CIPP/E, LPT, OSCP, and ISO Lead Auditor. Adarsh has authored two books, published numerous articles and research papers, and delivered impactful presentations at national and international conferences, establishing himself as a thought leader in information security.

Greeshma M. R. is an entrepreneur and seasoned freelance technology writer, specializing in technology domains, especially information security and Web 3.0. She is interested in exploring the intersection of technology and humanity, as well as the social aspects of technology. Her areas of interest also encompass innovation, sustainable development, gender, and society. She is a co-author and publisher of two books and holds a certification as an ISO 27001 Lead Auditor. Having worked in the IT and knowledge and innovation management domains, Greeshma possesses an interdisciplinary perspective that enriches her approach. She has actively contributed to establishing an innovation ecosystem among students via communities of practice, fostering a culture of creativity and collaboration.

Table of Contents

Table of Contents

  1. Foundations, Standards, and Principles of Information Security
  2. Introduction to ISO 27001
  3. ISMS Controls
  4. Risk Management
  5. ISMS – Phases of Implementation
  6. Information Security Incident Management
  7. Case Studies – Certification, SoA, and Incident Management
  8. Audit Principles, Concepts, and Planning
  9. Performing an Audit
  10. Audit Reporting, Follow-Up, and Strategies for Continual Improvement
  11. Auditor Competence and Evaluation
  12. Case Studies – Audit Planning, Reporting Nonconformities, and Audit Reporting
From the B&N Reads Blog
Page 1 of

Related Subjects

Business
Computers
Science & Technology
Engineering
Technology
Business Technology
Computers - General & Miscellaneous
Computer Technology
Information Systems
Business Technology - Information Systems
Computer Security
Information Technology
Information technology
Business
Computers
Science & Technology
Engineering
Technology
Business Technology
Computers - General & Miscellaneous
Computer Technology
Information Systems
Business Technology - Information Systems
Computer Security
Information Technology

Customer Reviews