Aligned with the latest iteration of ISO 27001:2013, this third edition of the original, no-nonsense guide to successful ISO 27001 certification is ideal for anyone tackling ISO 27001 for the first time. In nine critical steps, the guide covers each element of the ISO 27001 project in simple, non-technical language.

Contents include:

- Creating a management framework and performing a gap analysis
- Structuring and resourcing your project, including advice on whether to do it yourself or use a consultant
- Conducting a five-step risk assessment, and creating a Statement of Applicability (SoA) and a risk treatment plan (RTP)
- Integrating your ISO 27001 information security management system (ISMS) with an ISO 9001 quality management system (QMS) and other management systems
- Addressing documentation challenges you'll face as you create business policies, procedures, work instructions, and records
- Continual improvement of your ISMS
- The six secrets to certification success

Alan Calder knows ISO 27001 inside out. As the founder and executive chairman of IT Governance, he led the management system implementation that achieved the world's first accredited certification to BS 7799, the forerunner to ISO 27001; he has been working with the Standard ever since. Hundreds of organizations around the world have achieved accredited certification to ISO 27001 with IT Governance's guidance, which is distilled in this book.