Buch, Englisch, 416 Seiten, Format (B × H): 156 mm x 234 mm
Compliance for Global Data Security Excellence (ISO 27001, ISO 27002 and Soc 2)
Buch, Englisch, 416 Seiten, Format (B × H): 156 mm x 234 mm
ISBN: 978-1-3986-1891-6
Verlag: Kogan Page
In an era where cybersecurity threats are escalating and complex global regulations are intensifying, the need for a comprehensive, actionable guide to ISO 27001, ISO 27002 and SOC 2 is more critical than ever.Information Security Management provides an essential resource for building or improving a robust information security management system that achieves ISO 27001 and SOC 2 compliance. Drawing on best practice recommendations from ISO 27002, managers and leaders will learn not only how to achieve cybersecurity excellence but also how to gain buy-in from the wider business for long-term, effective change. It is supported by actionable strategies and checklists, making it a practical guide for immediate implementation in any organization.
Unique in its approach, this book shows how ISO 27001 compliance can serve as a foundational framework for achieving SOC 2 certification. It also features real-world examples of companies that have successfully implemented strong information security management systems and is supported by insights from industry experts, auditors and consultants on best practices and common pitfalls. Showing how organizations can implement ISO 27001, IS0 27002 and SOC 2, Information Security Management demonstrates how to build an information security management system built for compliance and long-term success in today's complex landscape.
Clarke
Information Security Management jetzt bestellen!
Autoren/Hrsg.
Fachgebiete
- Wirtschaftswissenschaften Betriebswirtschaft Management Wissensmanagement
- Wirtschaftswissenschaften Wirtschaftssektoren & Branchen Medien-, Informations und Kommunikationswirtschaft Informationstechnik, IT-Industrie
- Mathematik | Informatik EDV | Informatik Computerkommunikation & -vernetzung Netzwerksicherheit
- Mathematik | Informatik EDV | Informatik Technische Informatik Computersicherheit
Weitere Infos & Material
- Section - ONE: Foundations of ISO 27001, Objective Setting, Internal Auditing, Strategic Advantages, and Risks of Technical Decision Making
- Chapter - 01: introduction to ISO 27001;
- Chapter - 02: Historical Evolution: From BS7799 to ISO 27001;
- Chapter - 03: Demystifying ISO 27001: Objectives to Training;
- Chapter - 04: Creating Objectives, KPIs, and Metrics;
- Chapter - 05: Internal Audit and Gap Analysis;
- Chapter - 06: Continuous Auditing;
- Chapter - 07: Strategic Advantages of ISO 27001;
- Chapter - 08: Risks of Relying on Technical Decision Making;
- Section - TWO: Practical Applications, Leadership, and Documentation
- Chapter - 09: Practical Cyber Risk Mitigation Plans;
- Chapter - 10: Comprehensive Audit Management;
- Chapter - 11: Expert Documentation & Procedures;
- Chapter - 12: Presenting Documentation for Steering Group Approval;
- Chapter - 13: Architecture of Documents;
- Chapter - 14: Leadership in Steering Group Management;
- Section - THREE: Excellence in Auditing, Stakeholder Engagement, Leadership Buy-in, and Leveraging Key Domains under ISO 27001
- Chapter - 15: Preparing for Audit;
- Chapter - 16: Briefing Stakeholders;
- Chapter - 17: Ensuring Senior Leadership Buy-in;
- Chapter - 18: Detailed Audit Micro-management;
- Chapter - 19: Exceeding Industry Benchmarks;
- Chapter - 20: Continuous Support & Expertise;
- Chapter - 21: Leveraging Key Domains for ISO 27001 Excellence;
- Section - FOUR: Designing Awareness and Training Programs, Challenges, Nonconformity Management, Technical Audits Integration, Responsibilities, and Strategic Incident Management
- Chapter - 22: Designing Awareness and Training Programs;
- Chapter - 23: Challenges in ISO 27001 Implementation;
- Chapter - 24: Managing Nonconformities;
- Chapter - 25: Integrating Results of Technical Audits into ISO Management;
- Chapter - 26: Joint, Shared, Cost, and Regulatory Responsibilities;
- Chapter - 27: Leveraging Incident Response and Vendor Due Diligence;
- Chapter - 28: Business Continuity Planning and Influencing Incident Outcomes;
- Chapter - 29: Change Control and Best Practice Implementation Auditing;
- Chapter - 30: Building an SOA (Statement of Applicability);
- Section - FIVE: The Future of ISO 27001, Regulatory Compliance, and A Legacy of Excellence
- Chapter - 31: Bridging ISO 27001 with SOC2;
- Chapter - 32: Navigating the Surge of Global Cyber and Data Regulations;
- Chapter - 33: Understanding WISP: Mandates Across 25 US States;
- Chapter - 34: Expertise in ISO 27001 and Beyond: A Legacy of Excellence;
- Chapter - 35: A Journey from BS7799 to ISO 27001;
- Chapter - 36: Proven Documentation & Global Recognition;
- Chapter - 37: ISO 27001 as a Business Enabler;
- Chapter - 38: Board and Senior Management Engagement;
- Chapter - 39: Holistic Integration: Transactionally, Intellectually, and Operationally;
- Chapter - 40: The Surge of Cyber and Data Regulation;
- Chapter - 41: A Legacy Since 2005
Bitte ändern Sie das Passwort
