The Case for ISO27001 : 2013.

Material type: Text
Publisher: Ely : IT Governance Ltd, 2013
Copyright date: ©2013
Edition: 1st ed
Description: 1 online resource (111 pages)
Content type:
  • text
Media type:
  • computer
Carrier type:
  • online resource
ISBN:
  • 9781849285315
Additional physical formats: Print version: The Case for ISO27001:2013
DDC classification:
  • 658.478
LOC classification:
  • HD30.38 .C353 2013
Contents:
Cover -- Title -- Copyright -- About the Author -- Acknowledgement -- Contents -- Introduction -- Chapter 1: Information Economy, Intellectual Capital -- Executive summary -- The information economy -- Intellectual capital -- ISO27001 -- Chapter 2: Information, IT and Competitiveness -- Executive summary -- Academic research -- Competitive environment -- ISO27001 -- Chapter 3: Information Threats -- Executive summary -- Threats -- Attack categories -- ISO27001 -- Chapter 4: Insecurity Impacts -- Executive summary -- Types of impact -- ISO27001 -- Chapter 5: 'Traditional' Threats -- Executive summary -- Viruses and hackers -- Spam -- Commercial espionage -- Insider threats -- Fraud -- Staff -- Systems failures -- ISO27001 -- Chapter 6: Information Risk in Large Organisations -- Executive summary -- Threats to larger organisations -- Vulnerabilities in larger organisations -- Impacts on larger organisations -- Data protection and privacy regulation in larger organisations -- ISO27001 -- Chapter 7: Organised Crime -- Executive summary -- Impacts of organised crime -- ISO27001 -- Chapter 8: Terrorism -- Executive summary -- Cyber-capabilities -- ISO27001 -- Chapter 9: Evolving Threat Environment -- Executive summary -- Key trends -- ISO27001 -- Chapter 10: Regulatory Compliance -- Executive Summary -- The regulatory conundrum -- ISO27001 -- Chapter 11: Data Protection and Privacy -- Executive summary -- Privacy and data protection -- OECD Guidelines -- EU Regulation -- UK Regulation -- US Regulation -- APEC regulation -- ISO27001 -- Chapter 12: Anti-Spam Legislation -- Executive summary -- Regulation of electronic marketing -- ISO27001 -- Chapter 13: Computer Misuse Legislation -- Executive summary -- Convention on cyber crime -- ISO27001 -- Chapter 14: Human Rights -- Executive summary -- ISO27001 -- Chapter 15: Record Retention and Destruction.
Executive summary -- Records -- ISO27001 -- Chapter 16: Information Security Governance -- Executive summary -- What is 'information security'? -- Information security is a Board responsibility -- Governance and risk management -- Corporate governance codes -- Information risk -- Governance failure -- Chapter 17: Benefits of an ISO27001 ISMS -- Executive summary -- A structured information security management system -- Benefits of a structured information security management system -- Benefits of external certification ('registration') to ISO27001 -- Chapter 18: ISO27001 in the Public Sector -- Executive summary -- UK public sector organisations -- Freedom of information legislation -- Board issues in the public sector -- Chapter 19: Is ISO27001 for you? -- Executive summary -- Do you have information that you rely on or which needs to be kept confidential? -- Do you collect personal information (e.g. from customers or employees)? -- Does your business rely on information technology for its daily activities? -- Do your customers, suppliers or partners need confidence in your information handling and privacy protection measures? -- Can you afford reputational damage, commercial and punitive losses, business interruption and loss or corruption of confidential information? -- Is ISO27001 the answer? -- Chapter 20: How do you go about ISO27001? -- Preparation -- Initial planning -- Implementation -- Chapter 21: Selection of a Certification Body -- Appendix: ISO27001 - Past, Present and Future -- ISO/IEC 17799 -- Links to other standards and regulatory frameworks -- Useful Websites -- ISO27001 certification organisations -- Governance -- Information security -- ITG Resources -- Other Websites -- Toolkits -- Training Services -- Professional Services and Consultancy -- Publishing Services -- Newsletter.
Summary: This friendly guide, updated to reflect ISO27001:2013, presents the compelling business case for implementing ISO27001 in order to protect your information assets. This makes it ideal reading for anyone unfamiliar with the many benefits of the standard, and as a supporting document for an ISO27001 project proposal.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.

© 2024 Resource Centre. All rights reserved.