Kenyon, Bridget,
ISO 27001 controls : a guide to implementing and auditing / Bridget Kenyon. - Second edition. - 1 online resource (249 pages) - ITpro collection .
Includes bibliographical references.
Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001:2022 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001:2022. Similarly, for anyone involved in internal or external audits, the book includes the definitive requirements that auditors must address when certifying organisations to ISO 27001:2022. The auditing guidance covers what evidence an auditor should look for to satisfy themselves that the requirement has been met. This guidance is useful for internal auditors and consultants, as well as information security managers and lead implementers as a means of confirming that their implementation and evidence to support it will be sufficient to pass an audit.
9781787784307 9781787784321
Business enterprises--Computer networks--Security measures--Auditing.
Computer security--Management--Standards.
Data protection--Management--Standards.
Confidential business information.
Risk management--Evaluation.
Risk assessment.
Electronic books.
QA76.9.A25 / K46 2024
ISO 27001 controls : a guide to implementing and auditing / Bridget Kenyon. - Second edition. - 1 online resource (249 pages) - ITpro collection .
Includes bibliographical references.
Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001:2022 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001:2022. Similarly, for anyone involved in internal or external audits, the book includes the definitive requirements that auditors must address when certifying organisations to ISO 27001:2022. The auditing guidance covers what evidence an auditor should look for to satisfy themselves that the requirement has been met. This guidance is useful for internal auditors and consultants, as well as information security managers and lead implementers as a means of confirming that their implementation and evidence to support it will be sufficient to pass an audit.
9781787784307 9781787784321
Business enterprises--Computer networks--Security measures--Auditing.
Computer security--Management--Standards.
Data protection--Management--Standards.
Confidential business information.
Risk management--Evaluation.
Risk assessment.
Electronic books.
QA76.9.A25 / K46 2024