عنوان
پدید آورنده
موضوع
رده
HD 30.38 .W3 2008
HD
30
.
38
.
W3
2008
کتابخانه
محل استقرار
OTHER STANDARD IDENTIFIER
Standard Number
electronic
TITLE AND STATEMENT OF RESPONSIBILITY
First Statement of Responsibility
Watkins, Steve G.
Title Proper
An Introduction to Information Security and ISO 27001 : A Pocket Guide
.PUBLICATION, DISTRIBUTION, ETC
Place of Publication, Distribution, etc.
Ely
Name of Publisher, Distributor, etc.
IT Governance
Date of Publication, Distribution, etc.
2008
PHYSICAL DESCRIPTION
Specific Material Designation and Extent of Item
viii, 44 p. : ill. ; 17 cm
NOTES PERTAINING TO TITLE AND STATEMENT OF RESPONSIBILITY
Text of Note
Steve G. Watkins
NOTES PERTAINING TO RESPONSIBILITY
Text of Note
This new pocket guide will suit both individuals who need an introduction to a topic that they know little about, and also organizations implementing, or considering implementing, some sort of information security management regime, particularly if using ISO/IEC 27001. The guide furnishes readers with an understanding of the basics of information security, including: * A definition of what information security means. * How managing information security can be achieved using an approach recognised world-wide. * The sorts of factors that need to be considered in an information security regime, including how the perimeters of such a scheme can be properly defined. * How an information security management system can ensure it is maximising the effect of any budget it has. * What sort of things resources might be invested in to deliver a consistent level of assurance. * How organizations can demonstrate the degree of assurance they offer with regards to information security, how to interpret claims of adherence to the ISO 27001 standard and exactly what it means. Corporate bodies will find this book useful at a number of stages in any information security project, including: * At the decision-making stage; to ensure that those committing to an information security project do so from a truly informed position. * At project initiation stage, as an introduction to information security for the project board, project team members and those on the periphery of the project. * As part of an on-going awareness campaign, being made available to all staff and to new starters as part of their introduction to the company. The guide is designed to be read without having to frequently break from the text, there is also a list of abbreviations along with terms and definitions in chapter 7 for easy reference
CONTENTS NOTE
Text of Note
IntroductionChapter 1: Information Security - What's That?Chapter 2: It's Not ITChapter 3: ISO10072 and the Management System Requirements Chapter 4: Information Assets and the Information Security Risk Assessment Chapter 5: Information Security ControlsChapter 6: Certification Chapter 7: SignpostingITG Resources
TOPICAL NAME USED AS SUBJECT
Entry Element
، Computer security
Entry Element
، Network security
Entry Element
، COMPUTERS / Security / General
LIBRARY OF CONGRESS CLASSIFICATION
Class number
HD
30
.
38
.
W3
2008
PERSONAL NAME - PRIMARY RESPONSIBILITY
Relator Code
AU
NO
