An Introduction to Information Security and ISO27001:2013: A Pocket Guide
By Steve Watkins and Andy Cresswell
About this ebook
The main international standard that deals with information security is ISO27001. If your organisation is looking to raise employee awareness of information security, then you will find this book especially useful. The pocket guide explains the concept of information security management within the framework of ISO27001.
Steve Watkins
STEVE WATKINS is a professor of English at the University of Mary Washington. He is the author of a collection of stories, My Chaos Theory, and two young adult novels, Down Sand Mountain and What Comes After. Watkins is also an award-winning journalist whose work has appeared in publications including LA Weekly, Poets and Writers, and the Nation.
Reviews for An Introduction to Information Security and ISO27001:2013
5 ratings, 2 reviews
- Rating: 3 out of 5 stars (3/5). Need to achieve my foundations in information security based on 27002. Thought I'd get some info for it in this book as well but was mistaken. So I think it was ok for what it did provide, just not for my goals.
- Rating: 5 out of 5 stars (5/5). Awesome book. Myself being a beginner, I would highly recommend this to anyone who's interested to know about information security / build a successful career in this path. This has highly inspired me to read more about ISO 27001:2013.
Book preview
An Introduction to Information Security and ISO27001:2013 - Steve Watkins
Resources
INTRODUCTION
This pocket guide is intended to meet the needs of two groups:
- Individual readers who have turned to it as an introduction to a topic that they know little about.
- Organisations implementing, or considering implementing, some sort of information security management regime, particularly if using ISO/IEC 27001:2013, who wish to raise awareness.
In either case the guide furnishes readers with an understanding of the basics of information security, including:
- A definition of what information security means.
- How managing information security can be achieved using an approach recognised worldwide.
- The factors that need to be considered in an information security regime, including how the perimeters of such a scheme can be properly defined.
- How an information security management system can ensure it is maximising the effect of any budget it has.
- Key areas of investment for a business-focused information security management system.
- How organisations can demonstrate the degree of assurance they offer with regard to information security, how to interpret claims of adherence to the ISO27001 Standard and exactly what that means.
Corporate bodies will find this guide useful at a number of stages in any information security project, including:
- At the decision-making stage, to ensure that those committing to an information security project do so from an informed position.
- At project initiation, as an introduction to information security for the project board, project team members and those on the periphery of the project.
- As part of an ongoing awareness campaign, being made available to all staff¹ and to new starters as part of their introduction to the company.
Corporate users may find they get the most benefit by making this pocket guide available and adding a small flyer inside it, which explains how various sections relate to their own specific environment, or where the issues raised in this guide are addressed in their own Information Security Management System (ISMS). For