

ISO 27001 ISMS Handbook aims to assist small and medium-sized businesses in implementing and maintaining an information security management system (ISMS) in accordance with the requirements of the international standard ISO/IEC 27001:2022. This handbook assumes that you ultimately want your information security management system to be certified by an accredited certification body. In this book, you will find detailed explanations, more than a hundred examples, and sixty common pitfalls. This book also contains information about the rules of the game and the course of a certification audit. This handbook is also intended to provide information to auditors who must investigate whether an information security management system meets all requirements and has been effectively implemented.

ISO 27001 ISMS Handbook focuses on the information security management system (ISMS), and to a lesser extent on the Annex A controls. For a detailed explanation of the 93 Annex A controls, you can use the ISO 27001 Controls Handbook – Implementing and auditing 93 controls to reduce information security risks.

Cees van der Wens (1965) studied industrial automation in the Netherlands. In his role as Lead Auditor, the author has carried out dozens of ISO/IEC 27001 certification audits at a wide range of organizations. As a consultant, he has also helped many organizations obtain the ISO/IEC 27001 certificate.
| Best Sellers Rank | #1,122,308 in Books; #94 in Business School Guides (Books); #645 in Graduate Test Guides; #3,612 in Test Prep & Study Guides |
| Customer Reviews | 4.8 out of 5 stars 35 Reviews |
J**E
The book seems to cover the topics for Access & Security Control.
Love the content in the books, I haven't had a chance to read the books as yet, but they look well structured. I am currently focused on completing some other courses before reading through these books for the ISO 27001 Lead Implementer exam and NIST. Looks very informative.
F**O
The best book about ISO27001 I've ever read
This is the best book about the standard I've ever read. The author gives us many tips, examples, and practice activities to meet the requirements. If you need to understand the standard AND implement an ISMS, this book is for you!
A**O
Great to learn about ISO 27001
Really enjoy this book
J**.
Great book!
One of the few books about ISO 27001 that not only explains what the ISO requirements mean, but also what you should do as an organization. Written very clearly and practically. The examples and common pitfalls are very helpful. Very nice that I could find a good book about the 2022 version of the ISO 27001 standard, written by an experienced lead auditor. A must have for any information security professional.
K**.
Very useful book
Great 27001:2022 book with a lot of useful examples.
N**S
It all becomes clear!
This book takes a difficult standard and explains it from the point of view of someone who assesses organizations against it; he has seen many different implementations of it! The standard is stepped through, with clarifying notes and observations throughout, as well as presenting a clear explanation of what the standard is about, and why. The book is very easy to read and understand; if it’s your job to implement the standard, this book makes clear what you have to do. If you are a manager, read the book to understand what you are asking your team to do. I strongly recommend that you read this book BEFORE hiring consultants; after reading the book, if you still don’t feel confident enough to implement the whole system yourself, you will at least have a very clear idea of what you want consultants to do, rather than giving them free rein! If you need ISO 27001, this book should be on your desk!
C**G
Good quality product. Good shopping experience.
Good quality product. Good shopping experience.
J**D
Well-written and useful for the experienced, but lacks an overview of the Standard
Overall, the book is a well-written guide for those familiar with the ISO 27001 standard, and the author has done a commendable job. In my opinion, before delving into the Standard, the book should include an introductory chapter explaining the basics of ISO 27001 and its core concepts at a high level—e.g., provide an informal/formal definition of Information Security Management System (ISMS), etc. Secondly, the author often plays with the abstract nature of the standard as to avoid providing concrete definitions (even informal ones), which sometimes frustrates readers seeking practical guidance. Some paragraphs are repeated verbatim (e.g., discussing the benefits of keeping documentation in different chapters), which can be mildly annoying. Additionally, paragraphs starting with "Question:... Answer:" sound a bit professor-like. Finally, at €40, I think it is a bit pricey for a paperback and independently published work. Despite this, I believe the book may be a useful guide for experienced professionals seeking a second opinion on some obscure points in the standard.