Implementing an Information Security Management System: Security Management Based on ISO 27001 Guidelines » książka

zaloguj się | załóż konto

topmenu

Szukaj

Książki na zamówienie

Wyszukiwanie zaawansowane

Pusty koszyk

Bezpłatna dostawa dla zamówień powyżej 20 zł

Kategorie główne

• Nauka

[2678508]

• Literatura piękna

[1635285]

więcej...

Kategorie szczegółowe BISAC

Implementing an Information Security Management System: Security Management Based on ISO 27001 Guidelines

Name: Implementing an Information Security Management System: Security Management Based on ISO 27001 Guidelines
Brand: Apress
Price: 232.90 PLN
Availability: InStock

ISBN-13: 9781484254127 / Angielski / Miękka / 2019 / 274 str.

Abhishek Chopra; Mukund Chaudhary

Implementing an Information Security Management System: Security Management Based on ISO 27001 Guidelines

ISBN-13: 9781484254127 / Angielski / Miękka / 2019 / 274 str.

Abhishek Chopra; Mukund Chaudhary

cena 232,90 zł
(netto: 221,81 VAT: 5%)

Najniższa cena z 30 dni: 231,29 zł

Termin realizacji zamówienia:
ok. 20 dni roboczych.

Darmowa dostawa!

Kategorie:

Informatyka, Bazy danych

Kategorie BISAC:

Computers > Security - General
Business & Economics > Information Management
Computers > System Administration - Storage & Retrieval

Wydawca:

Apress

Język:

Angielski

ISBN-13:

9781484254127

Rok wydania:

2019

Ilość stron:

274

Waga:

0.51 kg

Wymiary:

25.4 x 17.78 x 1.57

Oprawa:

Miękka

Wolumenów:

Dodatkowe informacje:

Wydanie ilustrowane

Chapter 1 - Need for Information Security

Information security in simple terms refers to securing your information. The question arises; who would you need to secure it from? Any person who is not authorized to access and use information. This chapter will provide reader an introduction on information security and its importance. We will talk about various industries / domains example which will give readers an understanding of information security related to industries / domain they are working in or are about to implement information security in their specific industry / organization.

• What is Information Security?

• Information Security Management – ISO 27001

• Why it is important to safeguard the information?

• How will ISO 27001 be applicable to you?

Chapter 2 – Step 1: Assessing Needs and Scope

When starting an ISO 27001 - information security implementation, a doubt arises on the first step to be taken. This chapter will give reader an understanding as how to start implementation process and what are the important aspects to cover.

• Assessing Business Needs

• Scope & High level timeframe to achieve implementation

• Senior Management Support

Chapter 3 – Step 2: Project Kick-off

When we formally start a project, kick off is important with stakeholders. This chapter will give reader an understanding on conducting ISO 27001 implementation kick off with required stakeholders and gain their commitment on the project / set timeline.

• Presenting a High Level Plan

• Setting up Project Task Force

• Getting Commitment

Chapter 4 – Step 3: Initial Risk Assessment

The term Risk Assessment means identification of the risks related to information security. This chapter will give reader an understanding as how to conduct risk assessment exercise, which involved all teams/stakeholders. You will also learn the importance of preparing findings report & its presentation.

• Meeting Teams

• Preparing Analysis Report

• Presenting Report to Management / Teams

Chapter 5 – Step 4: Risk Management Approach

This chapter will give reader an understanding on the approach to be identified / followed for managing the risks identified during the risk assessment exercise. Our focus will be on identifying assets and applying security controls.

• Define / Finalize Risk Assessment Framework

• Identifying Assets

• Managing Risks

• Identifying Security Controls

• Statement of Applicability (SOA)

Chapter 6 – Step 5: Execution

Till now our focus was on identifying the gaps and approaches to be adopted. This chapter will provide you the steps to be taken during the execution process. We will cover identifying risks for each team / areas / stakeholders keeping the requirements of ISO 27001 security controls in mind.

• Information security awareness

• Need of Policies / Procedure

• Understanding & Implementing Controls

• Assessing Progress

Chapter 7 – Step 6: Audit

This chapter will give you an understanding on the audit (internal) requirements, conduct of audit / audit finding reports / closure of findings / improvement & communication with respect to ISO 27001 implementation.

• Preparing Audit Team (Internal)

• Conducting Audits

• Close findings / gaps

• Planning Improvement

• Communication

Chapter 8 – Step 7: Management Review

Management Review emphasizes the involvement of management in your process. This chapter will teach you the need of conducting management reviews and what aspects need to be taken into consideration while conducting this review.

• Conduct review

• Plan improvement

• Communicate

Chapter 9 – Step 8: External Audit / Assessment

This chapter will cover External Audits, which is the last stage of your ISO 27001 implementation. It will provide you an understanding on external audit requirements, how to prepare for audit, best practices to manage audit overall and closure of audit.

• Audit Preparation

• Best Practices to be Followed

• Audit Closure

Chapter 10 – Continual Improvement

During ISO 27001 implementations there could be many areas where information security risks could still be open or in-progress state. Risks like these can have a major effect on the efficiency of your security framework. This chapter will educate you on all these risks so that you can keep moving forward with your ISO 27001 information security management framework.

• Improvement Areas

• Execution Plan

• Regular Audits / Reviews

Abhishek is a quality professional with more than 13 years of experience implementing CMMi, ISO 9001, ITIL, and ISO 27001. He holds a black belt in Lean Six Sigma and is also a certified ISO 27001 Lead Auditor.

Mukund is a certified project management professional with more than a decade of experience in managing international projects, internal audits, CMMI, and ISO 27001. In his leisure time, he can be found reading articles on and exploring emerging technologies.

Discover the simple steps to implementing information security standards using ISO 27001, the most popular information security standard across the world. You’ll see how it offers best practices to be followed, including the roles of all the stakeholders at the time of security framework implementation, post-implementation, and during monitoring of the implemented controls. Implementing an Information Security Management System provides implementation guidelines for ISO 27001:2013 to protect your information assets and ensure a safer enterprise environment.

This book is a step-by-step guide on implementing secure ISMS for your organization. It will change the way you interpret and implement information security in your work area or organization.

You will:

Discover information safeguard methods
Implement end-to-end information security
Manage risk associated with information security
Prepare for audit with associated roles and responsibilities
Identify your information risk
Protect your information assets

Krainaksiazek.pl w programie rzetelna firma

Krainaksiaze.pl - płatności przez paypal

Czytaj nas na:

Zobacz:

1997-2024 DolnySlask.com Agencja Internetowa