Many information security professionals invest a lot of money developing an ISMS (information security management system). They also invest in ISO 27001 training such as ISO27001 Certified ISMS Lead Implementer Online to gain practical skills and knowledge. Others hire an experienced ISO 27001 consultant to help them with the complex aspects of the project and guide them through the process.
Most information security professionals, however, invest less and gain a lot by simply reading about ISO 27001 and doing their own initial preparation. This is a cost-effective method and provides a good foundation in understanding what is needed for successful ISO 27001 implementation.
Essential ISO 27001 reading
IT Governance has published five books to help ISO 27001 professionals prepare for ISO 27001 implementation.
This must-have book from ISO 27001 expert Alan Calder is an ideal guide for anyone tackling ISO 27001 implementation for the first time. It will help you get to grips with the requirements of the Standard and make your ISO 27001 implementation project a success.
Hundreds of organisations around the world have achieved accredited certification to ISO 27001 with IT Governance’s guidance, which is distilled in this book.
Now in its sixth edition, this bestselling guide is ideal for information security professionals and organisations that are looking to enhance their ISMS and protect against information security threats. It provides best-practice guidance from ISO 27001 experts Alan Calder and Steve Watkins to help you successfully implement an ISO 27001-compliant ISMS.
The book will help you understand how information technology decisions should be made and monitored, and how to deal with risks; the issues and responsibilities associated with risk; the importance of information-related legislation and regulation; the new, global threats and vulnerabilities, particularly in cyberspace, and much more.
This book presents the compelling business case for implementing ISO 27001 to protect your information assets. It is a clear and concise introduction and a perfect supporting text for an ISO 27001 project proposal.
With essential information from ISO 27001 expert Alan Calder, you will learn how your organisation can fight cyber crime, combat cyber terror and boost your corporate governance.
Successfully implement ISO 27001 in a Windows environment with this step-by-step guide written by information security expert Brian Honan. ISO27001 in a Windows® Environment bridges the knowledge gap between those trying to implement ISO 27001 and the IT specialists trying to put the necessary best-practice controls in place using Microsoft’s technical controls, and gives essential guidance to everyone involved in a Windows-based ISO 27001 project.
This book will help you learn about the various controls required under ISO 27001, together with the relevant Microsoft products that can be used to implement them. It will also help you understand how to make the most of Windows security features and bridge the knowledge gap between ISO 27001 and Windows security.
The audit process can be daunting, as an auditor can direct questions at any employee within your organisation. This pocket guide offers a tried-and-tested briefing and should be issued to staff in advance of the audit to help them prepare for the experience and be well equipped to answer any questions.
This pocket book explains what an ISO 27001 assessment is, why organisations bother with them, and what individual staff should do and, perhaps as importantly, not do if an auditor chooses to question them.
It is the perfect tool to train everybody inside your organisation to play their part in the ISO 27001 assessment.
Essential ISO 27001 implementation bundle
July’s cost-effective book of the month bundle, The ISO 27001 Expertise Bundle, provides you with the essential resources and skills you need to convince the board to invest in ISO 27001, along with the first steps to take once you have gained approval.