ISO/IEC 27001:2022: An introduction to information security and the ISMS standard

¡ IT Governance Publishing Limited ¡ Steve Watkinsā§° āĻĻā§āĻŦāĻžā§°āĻž āĻŦāĻ°ā§āĻŖāĻŋāĻ¤
āĻ…āĻĄāĻŋāĻ…'āĻŦā§āĻ•
1 āĻ˜āĻŖā§āĻŸāĻž
āĻ¸āĻŽā§āĻĒā§‚ā§°ā§āĻŖ
āĻ¯ā§‹āĻ—ā§āĻ¯
āĻāĻŸāĻž āĻŦāĻŋāĻ¨āĻžāĻŽā§‚āĻ˛ā§€ā§ŸāĻž 5 āĻŽāĻŋāĻ¨āĻŋāĻŸā§° āĻ¨āĻŽā§āĻ¨āĻž āĻ˛āĻžāĻ—ā§‡ āĻ¨ā§‡āĻ•āĻŋ? āĻ¯āĻŋāĻ•ā§‹āĻ¨ā§‹ āĻ¸āĻŽā§ŸāĻ¤ā§‡ āĻļā§āĻ¨āĻ•, āĻ†āĻ¨āĻ•āĻŋ āĻ…āĻĢāĻ˛āĻžāĻ‡āĻ¨ āĻšā§ˆ āĻĨāĻžāĻ•ā§‹āĻāĻ¤ā§‡āĻ“āĨ¤Â 
āĻ¯ā§‹āĻ— āĻ•ā§°āĻ•
āĻ‡-āĻŦā§āĻ• āĻŦā§āĻ¯ā§ąāĻšāĻžā§° āĻ•ā§°āĻ•

āĻāĻ‡ āĻ…āĻĄāĻŋāĻ…’āĻŦā§āĻ•āĻ–āĻ¨ā§° āĻŦāĻŋāĻˇā§Ÿā§‡

Written by an acknowledged expert on the ISO/IEC 27001 Standard , ISO 27001:2022 – An Introduction to information security and the ISMS standard is an ideal primer for anyone implementing an information security management system aligned to ISO 27001:2022.

The guide is a must-have resource giving a clear, concise and easy-to-read introduction to information security, providing guidance to ensure the management systems you put in place are effective, reliable and auditable.

This pocket guide will help you to:

  1. Make informed decisions

Using this guide will enable the key employees in your organisation to make better decisions before embarking on an information security project.

  1. Ensure everyone is up to speed

This guide will give the non-specialists on the project board and in the project team a clearer understanding of what an information security management system involves, reflecting the ISO 27001:2022 version of the Standard.

  1. Raise awareness among staff

Ensure that your staff know what is at stake with regard to information security and understand what is expected of them with this pocket guide.

  1. Enhance your competitiveness

Use this guide to begin your ISO 27001:2022 implementation journey and let your customers know that the information you hold about them is managed and protected appropriately.

Get up to speed with the ISO 27001:2022 updates and keep your information secure About the author:

Steve is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.

Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He Chairs the UK national committee (IST 33) that mirrors SC 27 and is the Chair of the UK ISO/IEC 27001 User Group.

He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.

TOC:

Introduction

Chapter 1: Information security – What's that?

Chapter 2: It's not IT

Chapter 3: ISO 27001 and the management system requirements

Chapter 4: Legal, regulatory and contractual requirements and business risk

Chapter 5: Information security controls

Chapter 6: Certification

Chapter 7: Signposting

Further reading

āĻ˛āĻŋāĻ–āĻ•ā§° āĻŦāĻŋāĻˇāĻ¯āĻŧā§‡

Steve G Watkins is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.

Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He chairs the UK national committee (IST 33) that mirrors SC 27, and is the Chair of the UK ISO/IEC 27001 User Group.

He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.

āĻāĻ‡ āĻ…āĻĄāĻŋāĻ…’āĻŦā§āĻ•āĻ–āĻ¨ā§° āĻŽā§‚āĻ˛ā§āĻ¯āĻžāĻ‚āĻ•āĻ¨ āĻ•ā§°āĻ•

āĻ†āĻŽāĻžāĻ• āĻ†āĻĒā§‹āĻ¨āĻžā§° āĻŽāĻ¤āĻžāĻŽāĻ¤ āĻœāĻ¨āĻžāĻ“āĻ•āĨ¤

āĻ…āĻĄāĻŋāĻ…'āĻŦā§āĻ• āĻļā§āĻ¨āĻžā§° āĻ¨āĻŋāĻ°ā§āĻĻā§‡āĻļāĻžā§ąāĻ˛ā§€

āĻ¸ā§āĻŽāĻžā§°ā§āĻŸāĻĢ’āĻ¨ āĻ†ā§°ā§ āĻŸā§‡āĻŦāĻ˛ā§‡āĻŸ
Android āĻ†ā§°ā§ iPad/iPhoneā§° āĻŦāĻžāĻŦā§‡ Google Play Books āĻāĻĒāĻŸā§‹ āĻ‡āĻ¨āĻˇā§āĻŸāĻ˛ āĻ•ā§°āĻ•āĨ¤ āĻ‡ āĻ¸ā§āĻŦāĻ¯āĻŧāĻ‚āĻ•ā§āĻ°āĻŋāĻ¯āĻŧāĻ­āĻžā§ąā§‡ āĻ†āĻĒā§‹āĻ¨āĻžā§° āĻāĻ•āĻžāĻ‰āĻŖā§āĻŸā§° āĻ¸ā§ˆāĻ¤ā§‡ āĻ›āĻŋāĻ‚āĻ• āĻšāĻ¯āĻŧ āĻ†ā§°ā§ āĻ†āĻĒā§āĻ¨āĻŋ āĻ¯'āĻ¤ā§‡ āĻ¨āĻžāĻĨāĻžāĻ•āĻ• āĻ¤'āĻ¤ā§‡āĻ‡ āĻ•ā§‹āĻ¨ā§‹ āĻ…āĻĄāĻŋāĻ…'āĻŦā§āĻ• āĻ…āĻ¨āĻ˛āĻžāĻ‡āĻ¨ āĻŦāĻž āĻ…āĻĢāĻ˛āĻžāĻ‡āĻ¨āĻ¤ āĻļā§āĻ¨āĻŋāĻŦāĻ˛ā§ˆ āĻ¸ā§āĻŦāĻŋāĻ§āĻž āĻĻāĻŋāĻ¯āĻŧā§‡āĨ¤
āĻ˛ā§‡āĻĒāĻŸāĻĒ āĻ†ā§°ā§ āĻ•āĻŽā§āĻĒāĻŋāĻ‰āĻŸāĻžā§°
āĻ•āĻŽā§āĻĒāĻŋāĻ‰āĻŸāĻžā§°ā§° ā§ąā§‡āĻŦ āĻŦā§āĻ°āĻžāĻ‰āĻœāĻžā§° āĻŦā§āĻ¯ā§ąāĻšāĻžā§° āĻ•ā§°āĻŋ āĻ†āĻĒā§āĻ¨āĻŋ Google PlayāĻ¤ āĻ•āĻŋāĻ¨āĻž āĻ•āĻŋāĻ¤āĻžāĻĒāĻ¸āĻŽā§‚āĻš āĻĒāĻĸāĻŧāĻŋāĻŦ āĻĒāĻžā§°ā§‡āĨ¤

Steve Watkinsā§° āĻĻā§āĻŦāĻžā§°āĻž āĻ†ā§°ā§ āĻ…āĻ§āĻŋāĻ•

ISO/IEC 27701:2019: An introduction to privacy information management
Alan Shipman
ā§Ģ.ā§Ļ
US$ ā§§ā§Ē.ā§¯ā§ĢUS$ ā§§ā§Š.ā§¯ā§Ģ

āĻāĻ•ā§‡āĻ§ā§°āĻŖā§° āĻ…āĻĄāĻŋāĻ…’āĻŦā§āĻ•

ISO/IEC 27701:2019: An introduction to privacy information management
Alan Shipman
ā§Ģ.ā§Ļ
US$ ā§§ā§Ē.ā§¯ā§ĢUS$ ā§§ā§Š.ā§¯ā§Ģ
The Art of Deception: Controlling the Human Element of Security
Kevin D. Mitnick
ā§¨.ā§Š
US$ ā§¨ā§Ē.ā§¯ā§¯US$ ā§§ā§Ē.ā§¯ā§Ģ
Social Engineering: The Science of Human Hacking 2nd Edition
Christopher Hadnagy
ā§Ē.ā§Ŧ
US$ ā§¨ā§Ē.ā§¯ā§¯US$ ā§§ā§Ŧ.ā§¯ā§Ģ
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition
Mike Chapple
Business & investing
ā§Ģ.ā§Ļ
US$ ā§Šā§Ē.ā§¯ā§¯US$ ā§Šā§¨.ā§Šā§Ļ
Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age
Steven Levy
ā§Ģ.ā§Ļ
US$ ā§¨ā§Ē.ā§¯ā§¯US$ ā§§ā§Ē.ā§¯ā§Ģ
A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend them Back
Bruce Schneier
ā§Ē.ā§¨
US$ ā§§ā§¯.ā§¯ā§¯US$ ā§§ā§Ē.ā§¯ā§Ģ