What do you get with eBook?

Instant access to your Digital eBook purchase

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

AI Assistant (beta) to help accelerate your learning

Key benefits

Familiarize yourself with the clauses and control references of ISO/IEC 27001:2022

Define and implement an information security management system aligned with ISO/IEC 27001/27002:2022

Conduct management system audits to evaluate their effectiveness and adherence to ISO/IEC 27001/27002:2022

Description

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body. The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001. By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.

Who is this book for?

This book is for information security professionals, including information security managers, consultants, auditors, officers, risk specialists, business owners, and individuals responsible for implementing, auditing, and administering information security management systems. Basic knowledge of organization-level information security management, such as risk assessment, security controls, and auditing, will help you grasp the topics in this book easily.

What you will learn

Develop a strong understanding of the core principles underlying information security

Gain insights into the interpretation of control requirements in the ISO 27001/27002:2022 standard

Understand the various components of ISMS with practical examples and case studies

Explore risk management strategies and techniques

Develop an audit plan that outlines the scope, objectives, and schedule of the audit

Explore real-world case studies that illustrate successful implementation approaches

What do you get with eBook?

Instant access to your Digital eBook purchase

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

AI Assistant (beta) to help accelerate your learning

Frequently bought together

NZ$73.99

NZ$65.99

Mastering Information Security Compliance Management

NZ$58.99

Total NZ$ 198.97

Terence Hamilton Aug 25, 2023

The authors and reviewers have more than 30 years of combined experience, auditing, developing strategies, implementing globally recognized standards and frameworks to provide Information Security Management Systems for various organizations worldwide! They provided examples of past breaches and their costs in the millions!The book concisely revealed how implementing an Information Security Management System or (ISMS) using the standards mentioned in the book will help to assess the company and potentially discover any threats to their data and then develop strategies to counteract those threats. I liked how concise the information is and I am not left guessing anything.The book cleared up many misconceptions for me and I now understand, on a deeper level, the importance of having a properly structured ISMS in place that adheres to the underlying Confidentiality, Integrity and Availability or (CIA) framework of the ISO/IEC 27000 Information Security Standards. Also, the strategies to implement the standards within organizations.

Amazon Verified review

Cristian R. Sep 01, 2023

I recently got the opportunity to read "Mastering Information Security Compliance Management" by Adarsh Nair and Greeshma M. R. from Packt provided to me by Shruthi Setty. Starting with the CIA triad right off the bat followed by an overview of some of the most important sets of standards, this book knocks it out of the park from chapter one. With a solid overview of ISO 27001 and even diving into Risk Management and Information Security Incident Management, it provides the reader a great insight into the real world considerations surrounding not only compliance, but also security. With the need to validate compliance, the dive into auditing concepts was broad and deep enough to prepare the reader to embark on their journey towards the "Auditor" title. Sprinkling in some use cases really rounded off the material with clear examples 'in action' so to speak. All in all, I would definitely recommend this book.

Amazon Verified review

Dwayne Natwick Sep 10, 2023

The process and framework for security, risk, and compliance should be important to the entire organization and a focus on all information systems and applications. Packt publishing's Mastering Information Security Compliance Management from Adarsh Nair and Greeshma M R provide an in-depth guide to create the management and monitoring framework for security and compliance with the ISO 27001 standards and recommendations. If you are building a security and risk management program, this book is for you.

Amazon Verified review

Georgie Kurien Oct 10, 2023

"Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance," co-authored by Adarsh Nair, the Head of Information Security at UST, and Greeshma M. R., a qualified Information Security Auditor and entrepreneur, serves as a masterclass in understanding and implementing the ISO/IEC 27001:2022 standards. The book methodically dissects the intricate facets of Information Security Management System (ISMS) by dedicating individual chapters to its various components, from foundational principles to audit reporting.Adarsh Nair and Greeshma's expertise shines brightly, allowing readers to delve deep into the operational model of ISO 27001, comprehend its benefits, and understand the processes vital for accreditation. The book’s layout is logically structured, providing step-by-step guidance on developing a robust ISMS, while also emphasizing the critical role of risk management and comprehensive incident management plans.Real-world case studies punctuate the text, offering invaluable practical insights and grounding theoretical concepts in tangible scenarios. The chapters on auditing principles, processes, and competencies are particularly enlightening, revealing the meticulousness and professionalism required in the auditing process.Conclusively, this handbook is indispensable for organizations aiming to implement the ISO 27001:2022-based ISMS or professionals aspiring to make their mark in the ISMS domain. A thorough, well-structured, and expertly written guide, this book is set to become the gold standard in the realm of information security compliance management.

Amazon Verified review

CBR Oct 03, 2023

This book is a must have for anyone who wants to dive into security standards, management systems, incident management, and auditing. Mastering Information SecurityCompliance Management covers a vast amount of topics and details so you can become familiar with many important aspects of information security. Real-life case studies help cement and support the applications you learn about.

Amazon Verified review

Mastering Information Security Compliance Management: A comprehensive handbook on ISO/IEC 27001:2022 compliance

What do you get with eBook?