Information Security based on ISO 27001 and ISO 17799: A Management Guide

Description
This management guide looks at IT Security management with reference to the ISO standards that organisations use to demonstrate compliance with recommended best practice.

Program




This management guide looks at IT Security management with reference to the ISO standards that organisations use to demonstrate compliance with recommended best practice. The reason for developing ISO17799 as an international standard for information security management was originally described by BSI on their website as follows:

'Many organisations have expressed the need to have a common standard on best practice for information security management. They would like to be able to implement information security controls to meet their own business requirements as well as a set of controls for their business relationships with other organisations. These organisations see the need to share the benefits of common best practice at a true international level to ensure that they can protect their business processes and activities to satisfy these business needs'.

Purchase this book along with its sister title, Implementing Information Security based on ISO 27001 and ISO 17799: A Management Guide, by clicking on the link below. All at a very attractive price!

Two Management Guides on Information Security: ISO 27001 & ISO 17799 .


The now-withdrawn (and replaced by the 2005 edition) ISO/IEC 17799:2000 Code of Practice was intended to provide a framework for international best practice in Information Security Management and systems interoperability. It also provided very limited guidance on how to implement an ISMS, but it was not a specification to which an external auditor could refer.

It also did not provide the basis for an international certification scheme. Only BS 7799-2 - and now ISO 27001 - can do that. ISO 27001 does provide a clear and detailed specification for the design and deployment of an ISMS. ISO 17799 provides substantial implementation guidance on how individual controls should be approached. Anyone implementing an ISO 27001 ISMS will need to acquire and study copies of both ISO 27001 and ISO 17799 . ISO 27001 mandates the use of ISO 17799 as a source of guidance on controls, control selection and control implementation.

This book provides detailed coverage of ISO27001, the ISMS specification, as well as the history of the standard, details and discussion of its content, and information about links to other standards and frameworks.


Author: Alan Calder
Publisher: Van Haren Publishing
ISBN 10: 9077212701
ISBN 13: 9789077212707
Pages: 80
Format: Soft Cover
Published Date: 28th June 2006
Availability: Ex Stock
This book - the text book for our Foundations of Information Security Training Course - is a cost-effective method of getting to understand this subject. Order online today!