ISO 27001 Annex A Controls in Plain English (e-book)

Author: Dejan Kosutic

Publisher: Advisera Expert Solutions Ltd

Publication date: 2017-09-15

Word count: 93,000

Category: Imported books > Foreign-language original editions > Law/Politics/Religion

In this book, Dejan Kosutic, author and experienced information security consultant, is giving away his practical know-how on ISO 27001 security controls. No matter if you are new or experienced in the field, this book teaches you everything you need to know about security controls.

ISO 27001 Annex A Controls in Plain English is written primarily for beginners to ISO 27001, and for people with moderate knowledge about Annex A of the standard and the 114 security controls that are found in the Annex. It is structured in such a way that someone with no prior experience or knowledge about information security can quickly understand what they are all about; however, if you do have experience with ISO 27001, but feel that you still have gaps in your knowledge, you’ll also find this book very helpful.

Kosutic uses plain English to explain everything you need to know about security controls in ISO 27001, as well as the differences between the controls in Annex A of ISO 27001 and in ISO 27002. Also, you will learn everything about the crucial link between risk management and security controls, and get a complete overview of Annex A controls starting from the introduction, structuring of the documentation, and instructions on how to write detailed information security policies, all the way to the requirements for compliance. Written in simple language and avoiding the technical jargon, ISO 27001 Annex A Controls in Plain English is the right book to start learning about the subject.
Table of contents

COVER

ABOUT THE AUTHOR

PREFACE

ACKNOWLEDGMENTS

1 INTRODUCTION

1.1 Who should read this book?

1.2 What this book is not

1.3 ISO 27001 vs. ISO 27002

1.4 The crucial link between risk management and security controls

1.5 Information security vs. IT security

1.6 ISO 27001 puts it all together

1.7 Additional resources

2 OVERVIEW OF ANNEX A CONTROLS

2.1 Introduction to ISO 27001 Annex A

2.2 Structure of Annex A

2.3 Structuring the documentation for Annex A

2.4 Information security policies (A.5)

2.5 Organization of information security (A.6)

2.6 Human resources security (A.7)

2.7 Asset management (A.8)

2.8 Access control (A.9)

2.9 Cryptography (A.10)

2.10 Physical and environmental security (A.11)

2.11 Operational security (A.12)

2.12 Communications security (A.13)

2.13 System acquisition, development and maintenance (A.14)

2.14 Supplier relationships (A.15)

2.15 Information security incident management (A.16)

2.16 Information security aspects of business continuity management (A.17)

2.17 Compliance (A.18)

2.18 Success factors

3 ISO 27001 MINI CASE STUDIES

3.1 Applying secure engineering principles in a software development company

3.2 Awareness raising in a government agency

3.3 Listing laws, regulations and other requirements in a European bank

3.4 Writing the information security policies in a manufacturing company

3.5 Implementing ISO 27001 in data centers – An interview

GLOSSARY

BIBLIOGRAPHY
