ISO 27001 ISMS Handbook: Implementing and auditing an Information Security Management System in small and medium-sized businesses
Product ID: 541646518
Buy anything from 5,000+ international stores. One checkout price. No surprise fees. Join 2M+ shoppers on Desertcart.
Desertcart purchases this item on your behalf and handles shipping, customs, and support to UAE.
ISO 27001 ISMS Handbook aims to assist small and medium-sized businesses in implementing and maintaining an information security management system (ISMS) in accordance with the requirements of the international standard ISO/IEC 27001:2022. This handbook assumes that you ultimately want your information security management system to be certified by an accredited certification body. In this book, you will find detailed explanations, more than a hundred examples, and sixty common pitfalls. This book also contains information about the rules of the game and the course of a certification audit. This handbook is also intended to provide information to auditors who must investigate whether an information security management system meets all requirements and has been effectively implemented. ISO 27001 ISMS Handbook focuses on the information security management system (ISMS), and to a lesser extent on the Annex A controls. For a detailed explanation of the 93 Annex A controls, you can use the ISO 27001 Controls Handbook – Implementing and auditing 93 controls to reduce information security risks . Cees van der Wens (1965) studied industrial automation in the Netherlands. In his role as Lead Auditor, the author has carried out dozens of ISO/IEC 27001 certification audits at a wide range of organizations. As a consultant, he has also helped many organizations obtain the ISO/IEC 27001 certificate. Review: It all becomes clear! - This book takes a difficult standard and explains it from the point of view of someone who assesses organizations against it; he has seen many different implementations of it! The standard is stepped through, with clarifying notes and observations throughout, as well as presenting a clear explanation of what the standard is about, and why. The book is very easy to read and understand; if it’s your job to implement the standard, this book makes clear what you have to do. If you are a manager, read the book to understand what you are asking your team to do. I strongly recommend that you read this book BEFORE hiring consultants; after reading the book, if you still don’t feel confident enough to implement the whole system yourself, you will at least have a very clear idea of what you want consultants to do, rather than giving them free reign! If you need ISO 27001, this book should be on your desk! Review: Great book! - One of the few books about ISO 27001 that not only explains what the ISO requirements mean, but also what you should do as an organization. Written very clearly and practically. The examples and common pitfalls iare very helpful. Very nice that I could find a good book about the 2022 version of the ISO 27001 standard, written by an experienced lead auditor. A must have for any information security professional.
| Best Sellers Rank | 69,903 in Books ( See Top 100 in Books ) |
| Customer Reviews | 4.8 out of 5 stars 35 Reviews |
N**S
It all becomes clear!
This book takes a difficult standard and explains it from the point of view of someone who assesses organizations against it; he has seen many different implementations of it! The standard is stepped through, with clarifying notes and observations throughout, as well as presenting a clear explanation of what the standard is about, and why. The book is very easy to read and understand; if it’s your job to implement the standard, this book makes clear what you have to do. If you are a manager, read the book to understand what you are asking your team to do. I strongly recommend that you read this book BEFORE hiring consultants; after reading the book, if you still don’t feel confident enough to implement the whole system yourself, you will at least have a very clear idea of what you want consultants to do, rather than giving them free reign! If you need ISO 27001, this book should be on your desk!
J**.
Great book!
One of the few books about ISO 27001 that not only explains what the ISO requirements mean, but also what you should do as an organization. Written very clearly and practically. The examples and common pitfalls iare very helpful. Very nice that I could find a good book about the 2022 version of the ISO 27001 standard, written by an experienced lead auditor. A must have for any information security professional.
K**.
Very usefull book
Great 27001:2022 book with lot of usefull examples.
J**E
Thoe book seems to cover the topics for Access & Security Control.
Love the content in the books, I haven't had chance to read the books as yet, but they look well structured. I am currently focus on completing some other courses before reading through these books for the ISO 27001 Lead Implementer exam and NIST. Looks very informative.
C**G
Good quality product. Good shopping experience.
Good quality product. Good shopping experience.
F**O
The best book about ISO27001 I've ever read
This is the best book about the standard I've ever read. The author gives us many tips, examples, and practice activities to meet the requirements. If you need to understand the standard AND implement an ISMS, this book is for you!
Trustpilot
2 weeks ago
2 weeks ago