Information Security Risk Management Handbook: Handbook for ISO/IEC 27001 - Couverture souple

Humphreys, Ted

 
9780580607455: Information Security Risk Management Handbook: Handbook for ISO/IEC 27001
Couverture souple
ISBN 10 : 0580607453 ISBN 13 : 9780580607455
Editeur : BSI British Standards Institution, 2010

Synopsis

Information Security Risk Management Handbook International standard ISO/IEC 27001 is a world recognized standard for establishing, implementing, monitoring and reviewing, updating and improving an ISMS. This book focuses on the concept of having an information security management system (ISMS) as a framework for achieving the effective management of information security risks. Full description

Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.

Présentation de l'éditeur

This book is a practical handbook for the use and application of ISO/IEC 27005. It provides guidance and advice to specifically support the implementation of those requirements specified in ISO/IEC 27001:2005 that relate to risk management processes and associated activities. The focus of this book is based around the concept of having an information security management system (ISMS) as a framework for achieving the effective management of information security risks. International standard ISO/IEC 27001 is a world recognised standard for establishing, implementing, monitoring and reviewing, updating and improving an ISMS. ISO/IEC 27005 is an ISMS risk management standard that supports the implementation of ISO/IEC 27001. This book is aimed at those business managers and staff involved in ISMS risk management activities. It is a practical handbook for the use and application of ISO/IEC 27005. It provides guidance and advice to specifically support the implementation of those requirements specified in ISO/IEC 27001:2005 that relate to risk management processes and associated activities. Contents include: Introduction, Nature of the Information Security Risk Landscape, Risk Management Framework, Risk Assessment, Risk Treatment, System of Risk Controls, Risk Monitoring and Reviews, Risk Control Improvements, Documentation System, Audits and Reviews, Standards, Definitions, Examples of legal and regulatory compliance, Examples of assets, threats, vulnerabilities and risk assessment methods.

Biographie de l'auteur

Edward Humphreys (Chartered Fellow of the BCS - FBCS CITP, CISM) is Director of XiSEC Consultants Ltd, a UK company providing Information Security Management consultancy services around the world. He has been an expert in the field of information security and risk management for more than 35 years. During this time he has worked for major international companies (in Europe, North America and Asia), as well organisations such as the European Commission and the OECD. He is the editor of BS 7799 Part 1:1999, ISO/IEC 17799:2000, the 1999 and 2002 editions of BS 7799 Part 2 the ISMS standard and the EA 7/03 the ISMS accreditation guidelines. He is the Founder and Director of the ISMS International User Group and is responsible for the International Register of BS 7799/ISMS Certificates. In 2002 he was honoured with the Secure Computing Lifetime Achievement Award.

Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.

Éditeur
BSI British Standards Institution
Date d'édition
2010
Langue
anglais
ISBN 10 
0580607453
ISBN 13 
9780580607455
Reliure
Broché
Nombre de pages
143
Coordonnées du fabricant
non disponible
Personne responsable
non disponible