Skip to Main Content
Learn for less: Save 10% on high-quality foundation and auditor training. Find out more
ISO 27001 controls – A guide to implementing and auditing

ISO 27001 controls – A guide to implementing and auditing

SKU: 5404
Authors: Bridget Kenyon
Publishers: ITGP
Format: PDF
ISBN13: 9781787781450
Pages: 175
Published: 16 Sep 2019
Availability: Available now
Format: ePub
ISBN13: 9781787781467
Pages: 175
Published: 16 Sep 2019
Availability: Available now
Format: Audiobook

Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on +44 (0)333 800 7000.

Paperback formats are available for all IT Governance Publishing titles on request.
Please contact us for further information:

team@itgovernancepublishing.co.uk +44 (0)333 666 9000

Options:
Price: £29.95
Overview

A must-have resource for anyone looking to establish, implement and maintain an ISMS.

Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001. Similarly, for anyone involved in internal or external audits, the book includes the definitive requirements that auditors must address when certifying organisations to ISO 27001.


The book covers:

  • Implementation guidance – what needs to be considered to fulfil the requirements of the controls from ISO/IEC 27001, Annex A. This guidance is aligned with ISO/IEC 27002, which gives advice on implementing the controls; 
  • Auditing guidance – what should be checked, and how, when examining the ISO/IEC 27001 controls to ensure that the implementation covers the ISMS control requirements. 

The implementation guidance gives clear descriptions covering what needs to be considered to achieve compliance against the requirements, with examples given throughout.

The auditing guidance covers what evidence an auditor should look for in order to satisfy themselves that the requirement has been met. Useful for internal auditors and consultants, the auditing guidance will also be useful for information security managers and lead implementers as a means of confirming that their implementation and evidence to support it will be sufficient to pass an audit.


This guide is intended to be used by those involved in:

  • Designing, implementing and/or maintaining an ISMS;
  • Preparing for ISMS audits and assessments; or
  • Undertaking both internal and third-party ISMS audits and assessments
About the author

Bridget Kenyon

Bridget Kenyon (CISSP) is global CISO for Thales eSecurity. Her experience in information security started in 2000 with a role in network vulnerabilities at DERA, following which she has been a PCI Qualified Security Assessor, information security officer for Warwick University and head of information security for UCL, and has held a variety of roles in consultancy and academia.

Bridget has been contributing to international standards since 2006, when she first joined BSI Panel 1, coordinating development of information security management system standards; she is currently editor for ISO/IEC 27014. Bridget has also co-authored three textbooks on information security. She strongly believes that “information security is fundamental to reliable business operations, not a nice-to-have”. In 2018, she was named one of the top 25 women in tech by UK publication PCR.

Customer Reviews

(4.88)stars out of 5
Number of reviews: 8
1. on 14/04/2023, said:
5 stars out of 5
Great book, highly recommend. It's well written, great structure and is helping me ensure our ISMS is improved and helping prepare for audits.
2. on 04/10/2022, said:
5 stars out of 5
Really helpful in understanding the acceptance criteria for completing controls.
3. on 13/07/2022, said:
5 stars out of 5
I bought this book as i do the internal auditing for my company and its been so helpful! 100% recommend
4. on 24/03/2022, said:
5 stars out of 5
Highly recommended - Will prove a massive help in referencing in the future - received really quickly in the post too!!!
5. on 16/03/2022, said:
5 stars out of 5
Purchased to support my role as Infosec Lead for my company - is certainly a useful and insightful publication - have purchased many high quality materials from IT Governance and this is no exception - recommended
6. on 20/07/2021, said:
5 stars out of 5
Used this to rewrite an existing MS for 27001, and for refreshing my lead auditor/implementer knowledge, and it proved so useful in revitalising the structure of the MS, and setting the standard for other MS's to be used in my organisation. Great information, well presented and helped ensure the MS has what it needs and no unnecessary content. I'd say this is a "must have".
7. on 17/02/2021, said:
5 stars out of 5
I purchased this to support the creation of audit checklists for the ISMS I am writing. I found this really useful for setting audit questions and the guidance for both audit evidence requirements and guidance for ISMS implementation are really good, detailed and easy to understand.
8. on 06/02/2020, said:
4 stars out of 5
Simple easy to digest format clarifying objectives, rationale, controls and audit expectations. Useful pre-reading for impact assessment and project planning.
Showing comments 1-8 of 8
This website uses cookies. View our cookie policy
SAVE 10%
ON SELECTED
TRAINING
Loading...