Information is one of your organisation’s most important resources and keeping that information secure is vital to your business.
An information security management system (ISMS) based on ISO27001/ISO27002 offers a host of benefits:
- Improved efficiency by having information security systems and procedures in place, enabling you to focus more on your core business.
- Protects your information assets from a wide range of cyber threats, criminal activity, insider compromise and system failure.
- Manage your risks systematically and establish plans to eliminate or reduce cyber threats.
- Enables earlier detection of threats or processing errors, and faster resolution.
This handy pocket guide is an essential overview of two key information security standards that cover the formal requirements (ISO27001:2013) for creating an information security management system (ISMS), and the best-practice recommendations (ISO27002:2013) for those responsible for initiating, implementing or maintaining it.
Buy this pocket guide and start securing your information assets today.
1: The ISO/IEC 27000 Family of Information Security Standards
2: Background to the Standards
3: Specification vs Code of Practice
4: Certification Process
5: The ISMS and ISO27001
6: Overview of ISO/IEC 27001:2013
7: Overview of ISO/IEC 27002:2013
8: Documentation and Records
9: Management Responsibility
10: Process Approach and the PDCA Cycle
11: Context, Policy and Scope
12: Risk Assessment
13: The Statement of Applicability
15: Check and Act
16: Management Review
17: ISO27001 Annex A