How to Achieve 27001 Certification: An Example of Applied Compliance Management
The security criteria of the International Organization for Standardization (ISO) provide an excellent foundation for identifying and addressing business risks through a disciplined security management process. Using the security standards ISO 17799 (since renumbered ISO/IEC 27002) and ISO 27001 as a basis, How to Achieve 27001 Certification: An Example of Applied Compliance Management helps an organization align its security and organizational goals so that it can generate effective security, compliance, and management programs.

The authors offer insight from their own experiences, providing questions and answers to determine an organization's information security strengths and weaknesses with respect to the standard. They also present step-by-step information to help an organization plan an implementation and prepare for certification and audit.

Security is no longer a luxury for an organization; it is a legislative mandate. A formal methodology that helps an organization define and execute an ISMS is essential in order to perform and prove due diligence in upholding stakeholder interests and legislative compliance. Providing a good starting point for novices, as well as finely tuned nuances for seasoned security professionals, this book is a valuable resource for anyone involved with meeting an organization's security, certification, and compliance needs.
Saved in:

| Field | Value |
|---|---|
| Main authors | Arnason, Sigurjon Thor; Willett, Keith |
| Format | Book |
| Language | English |
| Published | CRC Press, 2009 |
| Online access | http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1641 |
| Holding library | Da Lat University Library (Thư viện Trường Đại học Đà Lạt) |
Catalogue record fields (duplicate title, author and description index fields collapsed):

| Field | Value |
|---|---|
| id | oai:scholar.dlu.edu.vn:DLU123456789-1641 |
| record_format | dspace |
| institution | Da Lat University Library (Thư viện Trường Đại học Đà Lạt) |
| collection | Digital Library (Thư viện số) |
| language | English |
| format | Book |
| author | Arnason, Sigurjon Thor; Willett, Keith |
| author_sort | Arnason, Sigurjon Thor |
| title | How to Achieve 27001 Certification: An Example of Applied Compliance Management |
| title_sort | how to achieve 27001 certification: an example of applied compliance management |
| publisher | CRC Press |
| publishDate | 2009 |
| date issued (raw record) | 2007 |
| date accessioned / available (raw record) | 2009-12-04T02:41:37Z |
| file format (raw record) | application/rar |
| url | http://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1641 |
| _version_ | 1757676115756843008 |

Table of contents (as recorded in the catalogue's indexing field):

- INTRODUCTION
  - ISO Security Standards
  - International Organization for Standardization (ISO)
  - Security Standard Certification
  - Goals
  - Outline and Flow
  - Commentary
- INTRODUCTION TO ISO SECURITY STANDARDS
  - Objectives
  - Cornerstones of Information Security
  - The History of ISO Information Security Standards
  - Information Security Standards Roadmap and Numbering
  - International Security Management Standards
  - Other Proposed Information Security Standards
  - Introduction to the ISO/IEC 27001 Standard
  - Introduction to the ISO 17799 Standard
  - Relationship between ISO 27001 and ISO 17799
  - Relationship to Other Management Standards
  - PDCA and Security Standards Cross Reference
- INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)
  - Objectives
  - ISMS Introduction
  - Security Management Framework (SMF) Introduction
  - ISMS Establishment Process: To-Be or PDCA
- FOUNDATIONAL CONCEPTS AND TOOLS FOR AN ISMS
  - Objectives
  - SMF Applications
  - ISMS Initial Planning and Implementation
  - Establishing Current Status of Organizational Security Management (Assessment Process)
  - Analysis of Discovery Results
  - An Initial View of Developing an ISMS
- IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS): PDCA
  - Objectives
  - ISMS Definition
  - PDCA Model
  - Plan Phase
  - Do Phase
  - Check Phase
  - Act Phase
  - Summary of Implementing the ISMS
- AUDIT AND CERTIFICATION
  - Objectives
  - Certification Process Overview
  - Selecting an Accredited Certification Body
  - Certification Preparation Checklist
  - The Audit Stage Process
- COMPLIANCE MANAGEMENT
  - Objectives
  - Introduction to Compliance Management
  - IA Compliance Management Program
- CONCLUSION AND COMMENTARY
- APPENDIX A: ISMS Assessment Discovery Question Set
- APPENDIX B: Sample Statement of Applicability (SOA)
- APPENDIX C: PDCA Guideline Documents: Outlines
  - ISMS Plan Phase Guidelines: Document Outline
  - ISMS Do Phase Guidelines: Document Outline
  - ISMS Check Phase Guidelines: Document Outline
  - ISMS Act Phase Guidelines: Document Outline
- APPENDIX D: Policy, Standard, and Procedure Sample Templates
  - Sample Policy Template
  - Sample Standard Template
  - Sample Procedure Template
- APPENDIX E: ISMS Policy and Risk Treatment Templates
  - ISMS Policy Template
  - Risk Treatment Template
- APPENDIX F: Project Definition Template
- USEFUL BITS OF KNOWLEDGE (UBOKS)
- GLOSSARY
- REFERENCES
- INDEX