finelybook
IT Governance: An international guide to data security and ISO 27001/ISO 27002, Eighth edition
Author(s): Alan Calder (Author), Steve Watkins (Author)
- Publisher finelybook 出版社: Itgp
- Publication Date 出版日期: October 17, 2024
- Edition 版本: 8th ed.
- Language 语言: English
- Print length 页数: 506 pages
- ISBN-10: 1787785548
- ISBN-13: 9781787785540
Book Description
In this updated edition, renowned ISO 27001/27002 experts Alan Calder and Steve Watkins:
- Discuss the ISO 27001/27002:2022 updates;
- Provide guidance on how to establish a strong IT governance system and an ISMS (information security management system) that complies with ISO 27001 and ISO 27002;
- Highlight why data protection and information security are vital in our ever-changing online and physical environments;
- Reflect on changes to international legislation, e.g. the GDPR (General Data Protection Regulation); and
- Review key topics such as risk assessment, asset management, controls, security, supplier relationships and compliance.
Fully updated to align with ISO 27001/27002:2022
IT Governance – An international guide to data security and ISO 27001/ISO 27002, Eighth edition provides:
- Expert information security management and governance guidance based on international best practice;
- Guidance on how to protect and enhance your organisation with an ISO 27001:2022-compliant ISMS; and
- Discussion around the changes to international legislation, including ISO 27001:2022 and ISO 27002:2022.
As cyber threats continue to increase in prevalence and ferocity, it is more important than ever to implement a secure ISMS to protect your organisation. Certifying your ISMS to ISO 27001 and ISO 27002 demonstrates to customers and stakeholders that your organisation is handling data securely.
Editorial Reviews
About the Author
Steve Watkins is a director of Kinsnall Consulting Ltd, which provides strategic and tactical advice and training on cyber security, information security and privacy standards, and certification schemes.He is a contracted technical assessor for UKAS, conducting assessments of certification bodies offering ISMS/ISO 27001, PIMS/ISO 27701 and ITSMS/ISO 20000-1 accredited certification. He also undertakes information security assessments of forensic science laboratories seeking accreditation to the Forensic Science Regulator’s codes of practice and conduct.Steve is a member of ISO/IEC JTC 1/SC 27, the international technical committee responsible for information security, cyber security and privacy protection standards, where he is a co-editor of ISO/IEC 27006-1. He chairs IST 33, the UK national standards body’s technical committee that mirrors SC 27, and is a member of the European Commission’s Stakeholder Cybersecurity Certification Group (SCCG).Steve started working with ISMS standards in 1997. He has since supported a wide range of training and consultancy clients working with ISO/IEC 27001, including globally recognised brands, public-sector organisations and a wide selection of SMEs. Steve was a director of IT Governance Ltd from 2008 and on the board of GRC International Group PLC through to May 2021.
