How to Achieve 27001 Certification: An Example of Applied Compliance Management

The security criteria of the International Standards Organization (ISO) provide an excellent foundation for identifying and addressing business risks through a disciplined security management process. Using security standards ISO 17799 and ISO 27001 as a basis, How to Achieve 27001 Certification: An Example of Applied Compliance Management helps an organization align its security and organizational goals so it can generate effective security, compliance, and management programs. The authors offer insight from their own experiences, providing questions and answers to determine an organization's information security strengths and weaknesses with respect to the standard. They also present step-by-step information to help an organization plan an implementation, as well as prepare for certification and audit. Security is no longer a luxury for an organization; it is a legislative mandate. A formal methodology that helps an organization define and execute an ISMS is essential in order to perform and prove due diligence in upholding stakeholder interests and legislative compliance. Providing a good starting point for novices, as well as finely tuned nuances for seasoned security professionals, this book is an invaluable resource for anyone involved with meeting an organization's security, certification, and compliance needs.

Bibliographic Details
Main Authors: Arnason, Sigurjon Thor; Willett, Keith
Format: Book
Language: English
Published: CRC Press 2009
Online Access: http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1641
Holding Library: Thư viện Trường Đại học Đà Lạt (Da Lat University Library)
Contents:
- Introduction
  - ISO Security Standards
  - International Security Organization (ISO) Security Standard Certification
  - Goals
  - Outline and Flow
  - Commentary
- Introduction to ISO Security Standards
  - Objectives
  - Cornerstones of Information Security
  - The History of ISO Information Security Standards
  - Information Security Standards Roadmap and Numbering
  - International Security Management Standards
  - Other Proposed Information Security Standards
  - Introduction to the ISO/IEC 27001 Standard
  - Introduction to the ISO 17799 Standard
  - Relationship between ISO 27001 and the ISO 17799
  - Relationship to Other Management Standards
  - PDCA and Security Standards Cross Reference
- Information Security Management System (ISMS)
  - Objectives
  - ISMS Introduction
  - Security Management Framework (SMF) Introduction
  - ISMS Establishment Process…To-Be or PDCA
- Foundational Concepts and Tools for an ISMS
  - Objectives
  - SMF Applications
- ISMS Initial Planning and Implementation
  - Establishing Current Status of Organizational Security Management (Assessment Process)
  - Analysis of Discovery Results
  - An Initial View of Developing an ISMS
- Implementing an Information Security Management System (ISMS) - PDCA
  - Objectives
  - ISMS Definition
  - PDCA Model
  - Plan Phase
  - Do Phase
  - Check Phase
  - Act Phase
  - Summary of Implementing the ISMS
- Audit and Certification
  - Objectives
  - Certification Process Overview
  - Selecting an Accredited Certification Body
  - Certification Preparation Checklist
  - The Audit Stage Process
- Compliance Management
  - Objectives
  - Introduction to Compliance Management
  - IA Compliance Management Program
- Conclusion and Commentary
- Appendix A: ISMS Assessment Discovery Question Set
- Appendix B: Sample Statement of Applicability (SOA)
- Appendix C: PDCA Guideline Documents - Outlines
  - ISMS - Plan Phase Guidelines-Document Outline
  - ISMS - Do Phase Guidelines-Document Outline
  - ISMS - Check Phase Guidelines-Document Outline
  - ISMS - Act Phase Guidelines-Document Outline
- Appendix D: Policy, Standard, and Procedure Sample Templates
  - Sample Policy Template
  - Sample Standard Template
  - Sample Procedure Template
- Appendix E: ISMS Policy and Risk Treatment Templates
  - ISMS Policy Template
  - Risk Treatment Template
- Appendix F: Project Definition Template
- Useful Bits of Knowledge (UBOKs)
- Glossary
- References
- Index