Implementing an Information Security Management System

Discover the simple steps to implementing information security standards using ISO 27001, the most popular information security standard across the world. You'll see how it offers best practices to be followed, including the roles of all the stakeholders at the time of security framework implementation, post-implementation, and during monitoring of the implemented controls. Implementing an Information Security Management System provides implementation guidelines for ISO 27001:2013 to protect your information assets and ensure a safer enterprise environment.

This book is a step-by-step guide on implementing secure ISMS for your organization. It will change the way you interpret and implement information security in your work area or organization.

What You Will Learn

• Discover information safeguard methods
• Implement end-to-end information security
• Manage risk associated with information security
• Prepare for audit with associated roles and responsibilities
• Identify your information risk
• Protect your information assets

Who This Book Is For
Security professionals who implement and manage a security framework or security controls within their organization. This book can also be used by developers with a basic knowledge of security concepts to gain a strong understanding of security standards for an enterprise.

Chapter 1 - Need for information security. - Chapter 2 Step 1: Assessing Needs and Scope. - Chapter 3 Step 2: Project kick-off. - Chapter 4 Step 3: Initial Risk Assessment. - Chapter 5 Step 4: Risk Management Approach. - Chapter 6 Step 5: Execution. - Chapter 7 Step 6: Audit. - Chapter 8 Step 7: Management Review. - Chapter 9 Step 8: External Audit / Assessment. - Chapter 10 Continual Improvement.