Nine Steps to Success An ISO 27001:2022 Implementation Overview

Essential guidance for anyone tackling ISO 27001:2022 implementation for the first time.

Bibliographic Details
Main Author: Calder, Alan
Format: eBook
Language: English
Published: Ely : IT Governance Ltd 2024.
Edition: 1st ed
See on Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009843331506719
Table of Contents:
  • Cover
  • Title
  • Copyright
  • About the Author
  • Contents
  • Introduction
  • The ISO 27000 family
  • Before you start
  • Chapter 1: Project mandate
  • Strategic alignment
  • Prioritisation and endorsement
  • Change management
  • The CEO's role
  • The project initiation document
  • Chapter 2: Project initiation
  • Objectives
  • Project management
  • Project leadership
  • Senior management support
  • Project team
  • Project plan
  • Structured approach to implementation
  • Phased approach
  • The project plan
  • Integration with existing security management systems
  • Quality system integration
  • Looking ahead
  • Costs and project monitoring
  • Risk register
  • Chapter 3: ISMS initiation
  • Continual improvement
  • Security improvement plan
  • Expanding the RACI matrix
  • Documentation
  • Four levels of documentation
  • Documentation approaches
  • Control of documents
  • Chapter 4: Management framework
  • Scoping
  • Endpoint security
  • Defining boundaries
  • Network and data flow mapping
  • Cutting corners
  • Formalise key arrangements
  • Information security policy
  • Communication strategy
  • Staff buy-in
  • Chapter 5: Baseline security criteria
  • Chapter 6: Risk management
  • Introduction to risk management
  • Risk assessment
  • Five-step risk assessment process
  • Risk analysis
  • Risk workshop
  • Impacts
  • Controls
  • Risk assessment tools
  • Controls
  • Nature of controls
  • Control selection criteria
  • Statement of Applicability
  • Risk treatment plan
  • Chapter 7: Implementation
  • Competencies
  • The 'all persons' requirement
  • Staff awareness
  • Outsourced processes
  • Chapter 8: Measure, monitor and review
  • Internal audit and testing
  • Management review
  • Chapter 9: Audit
  • Six secrets to certification success
  • ISO 27001 resources
  • Further reading