Audiobook6 hours
ISO 27001 Controls – A guide to implementing and auditing
Written by Bridget Kenyon
Narrated by Alice White (Female Synthesized Voice)
About this audiobook
A must-have resource for anyone looking to establish, implement and maintain an ISMS.
Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001. Similarly, for anyone involved in internal or external audits, the book includes the definitive requirements that auditors must address when certifying organisations to ISO 27001.
The book covers:
- Implementation guidance – what needs to be considered to fulfil the requirements of the controls from ISO/IEC 27001, Annex A. This guidance is aligned with ISO/IEC 27002, which gives advice on implementing the controls;
- Auditing guidance – what should be checked, and how, when examining the ISO/IEC 27001 controls to ensure that the implementation covers the ISMS control requirements. The implementation guidance gives clear descriptions covering what needs to be considered to achieve compliance against the requirements, with examples given throughout. The auditing guidance covers what evidence an auditor should look for in order to satisfy themselves that the requirement has been met. Useful for internal auditors and consultants, the auditing guidance will also be useful for information security managers and lead implementers as a means of confirming that their implementation and evidence to support it will be sufficient to pass an audit.
This guide is intended to be used by those involved in:
- Designing, implementing and/or maintaining an ISMS;
- Preparing for ISMS audits and assessments; or
- Undertaking both internal and third-party ISMS audits and assessments.
About the author
Bridget Kenyon (CISSP) is global CISO for Thales eSecurity. Her experience in information security started in 2000 with a role in network vulnerabilities at DERA, following which she has been a PCI Qualified Security Assessor, information security officer for Warwick University and head of information security for UCL, and has held a variety of roles in consultancy and academia.
Bridget has been contributing to international standards since 2006, when she first joined BSI Panel 1, coordinating development of information security management system standards; she is currently editor for ISO/IEC 27014. Bridget has also co-authored three textbooks on information security. She strongly believes that "information security is fundamental to reliable business operations, not a nice-to-have". In 2018, she was named one of the top 25 women in tech by UK publication PCR.
Reviews for ISO 27001 Controls – A guide to implementing and auditing
Rating: 0 out of 5 stars
0 ratings
0 reviews