Description
This book provides guidance to users of ISO/IEC 17799 (BS 7799-1) and ISO/IEC 27001 (BS 7799-2) on the 'Plan, Do, Check, Act' model and the Information Security Management System (ISMS) process requirements for organizations preparing for accredited certification. This book has been updated to include new references and definitions, and additional information about the latest developments regarding certification criteria and other related standards developments. It provides industry-accepted best practice methods for providing and demonstrating the evidence required by an assessment auditor.
This document provides guidance on the requirements specified in the ISMS (information security management system) standard ISO/IEC 27001:2005 and the best practice described in ISO/IEC 17799:2005 to support the appropriate use of these standards. It gives guidance on the complete life cycle of ISMS activities required to establish, implement, monitor and continually improve a set of management controls and processes to achieve effective information security.
CONTENTS:
* Scope
* Field of application
* Usage
* Compliance
* Definitions
* Related documents
* The essence of information security
* Confidentiality
* Integrity
* Availability
* Sensitive or critical information
* Information security management system (ISMS)
* ISMS concept
* Delivering effective information security
* Ongoing process
* Shall statements
* PDCA model
* Establish the ISMS
* Implement and operate the ISMS
* Monitor and review the ISMS
* Maintain and improve the ISMS
* System of documentation
* Requirements
* Evidence of documentation
* Control of documentation and records
* Management responsibility
* Internal ISMS audits
* Management review of the ISMS
* ISMS improvements
* Certification process
* Definitions of accreditation and certification
* Parties involved in certification
* Accreditation and certification standards
* ISMS auditor
* Certification
* Certificates
* Preparation for certification
* Assessment process
* Audit methodology
* ISMS scope covering multiple sites
* Audit trails
* Audit report
* Certification decision
* Surveillance and reassessment procedures
* Example policy statement
* Differences between ISO/IEC 27001:2005 and BS 7799-2:2002
Published
04 Oct 2005
Publisher
British Standards Institution (BSi)
ISBN
9780580460029
Pages
40