ISO/IEC 27001:2022: An introduction to information security and the ISMS standard
About this ebook
Written by an acknowledged expert on the ISO/IEC 27001 Standard, ISO 27001:2022 – An Introduction to information security and the ISMS standard is an ideal primer for anyone implementing an information security management system aligned to ISO 27001:2022.
The guide is a must-have resource giving a clear, concise and easy-to-read introduction to information security, providing guidance to ensure the management systems you put in place are effective, reliable and auditable.
This pocket guide will help you to:
- Make informed decisions
Using this guide will enable the key employees in your organisation to make better decisions before embarking on an information security project.
- Ensure everyone is up to speed
This guide will give the non-specialists on the project board and in the project team a clearer understanding of what an information security management system involves, reflecting the ISO 27001:2022 version of the Standard.
- Raise awareness among staff
Ensure that your staff know what is at stake with regard to information security and understand what is expected of them with this pocket guide.
- Enhance your competitiveness
Use this guide to begin your ISO 27001:2022 implementation journey and let your customers know that the information you hold about them is managed and protected appropriately.
Get up to speed with the ISO 27001:2022 updates and keep your information secure.
About the author: Steve is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.
Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He Chairs the UK national committee (IST 33) that mirrors SC 27 and is the Chair of the UK ISO/IEC 27001 User Group.
He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.
TOC:
Introduction
Chapter 1: Information security – What’s that?
Chapter 2: It’s not IT
Chapter 3: ISO 27001 and the management system requirements
Chapter 4: Legal, regulatory and contractual requirements and business risk
Chapter 5: Information security controls
Chapter 6: Certification
Chapter 7: Signposting
Further reading
Steve Watkins
Book preview
ISO/IEC 27001:2022 - Steve Watkins
INTRODUCTION
This pocket guide is intended to meet the needs of two groups:
1. Individual readers who have turned to it as an introduction to a topic that they know little about.
2. Organisations implementing, or considering implementing, some sort of information security management regime, particularly if using ISO/IEC 27001:2022, that wish to raise awareness.
In either case the guide gives readers an understanding of the basics of information security, including:
• A definition of information security;
• How managing information security can be achieved using an approach recognised worldwide as good practice;
• The factors that need to be considered in an information security regime, including how the perimeters of such a scheme can be properly defined;
• How an information security management system (ISMS) can ensure it is maximising the effect of any budget it has;
• Key areas of investment for a business-focused ISMS; and
• How organisations can demonstrate the degree of assurance they offer with regard to information security, how to interpret claims of adherence to the ISO 27001 standard and exactly what that means.
Corporate bodies will find this guide useful at a number of stages in any information security project, including:
• At the decision-making stage, to ensure that those committing to an information security project do so from a suitably informed position;
• At project initiation, as an introduction to information security for the project board, project team members and other key contributors; and
• As part of an ongoing awareness campaign, being made available to all staff² and to new starters as part of their induction.
Corporate users may find they get the most benefit by making this pocket guide available and adding a small flyer inside it, which explains how various sections relate to their own specific environment, or where the issues raised in this guide are addressed in their own ISMS. For example:
This pocket guide is designed to be read without having to break frequently from the text, but there is a list of abbreviations along with terms and definitions in Chapter 7 for easy reference. Where footnotes have been added they are not essential reading, and it is recommended you ignore these on your first read through if you are new to the subject – on a second reading they will be of more relevance, and particularly if you are involved in an information security project or