eBook - ePub

Information Security Risk Management for ISO 27001/ISO 27002

Name: Information Security Risk Management for ISO 27001/ISO 27002
ISBN: 9781787781382

Alan Calder,

Steve Watkins,

181 pages
English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Information Security Risk Management for ISO 27001/ISO 27002

Alan Calder,

Steve Watkins,

About this book

Protect your information assets with effective risk management

In today's information economy, the development, exploitation and protection of informationand associatedassets are key to the long-term competitiveness and survival of corporations and entire economies. The protection of informationand associatedassets – information security – is therefore overtaking physical asset protection as a fundamental corporate governance responsibility.

Information security management system requirements

ISO 27000, which provides an overview for the family of international standards for information security, states that "An organisation needs to undertake the following steps in establishing, monitoring, maintaining and improving its ISMS […] assess information security risks and treat information security risks". The requirements for an ISMS are specified in ISO 27001. Under this standard, a risk assessment must be carried out to inform the selection of security controls, making risk assessment the core competence of information security management and a critical corporate discipline.

Plan and carry out a risk assessment to protect your information

Information Security Risk Management for ISO 27001 / ISO 27002:

Provides information security and risk management teams with detailed, practical guidance on how to develop and implement a risk assessment in line with the requirements of ISO 27001.
Draws on national and international best practice around risk assessment, including BS 7799-3: 2017 (BS 7799-3).
Covers key topics such as risk assessment methodologies, risk management objectives, information security policy and scoping, threats and vulnerabilities, risk treatment and selection of controls.
Includes advice on choosing risk assessment software.

Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits.

Buy your copy today!

About the authors

Alan Calder is the Group CEO of GRCInternational Groupplc, the AIM-listed company that owns IT GovernanceLtd.Alan is an acknowledged international cyber security guru and a leadingauthor on information security and IT governance issues. He has beeninvolved in the development of a wide range of information security managementtraining courses that have beenaccredited by IBITGQ (International Boardfor IT Governance Qualifications). Alan has consulted for clientsin the UK andabroad, andis a regular media commentator and speaker.

Steve Watkins is an executive director at GRC International Group plc. He is a contracted technical assessor for UKAS – advising on its assessments of certification bodies offering ISMS/ISO 27001 and ITSMS/ISO 20000-1 accredited certification. He is a member of ISO/IEC JTC 1/SC 27, the international technical committee responsible for information security, cyber security and privacy standards, and chairs the UK National Standards Body's technical committee IST/33 (information security, cyber security and privacy protection) that mirrors it. Stevewas an active member ofIST/33/-/6, which developed BS 7799-3.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.

No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.

Perlego offers two plans: Essential and Complete

Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.

Both plans are available with monthly, semester, or annual billing cycles.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.

Yes, you can access Information Security Risk Management for ISO 27001/ISO 27002 by Alan Calder,Steve Watkins in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.