Manish Sehgal reviews IT Governance’s core product: IT Governance – An international guide to data security and ISO27001 / ISO27002.
“ISO/IEC 27001:2005 is the de facto global standard for managing and implementing an Information Security Management System (ISMS).
This book is an excellent companion to the ISO27001 standard, providing the reader with a crystal clear view of what the technical aspect of the standard really means.
References are appropriately provided and examples are given at large to help the reader understand the actual requirements specified in the ISO/IEC 27001:2005.
Not only will it enable management to understand the expectations related to ISMS implementation, but it also helps to answer questions such as:
- What is the need for securing the information?
- What is the value of adopting best practices?
- How to design policies, procedures, forms, formats, and templates?
- How to adhere to the ISMS?
If you are looking for a one-stop solution to answer all these questions and more, this is the book for you. It will help make the route to implementation and certification easier to take.
I would strongly recommend this book to organisations that would like to get (or are in the process of being) certified to ISO/IEC 27001:2005. This book will clearly help you to save a lot of time and effort, which would usually be spent in understanding the technical aspect and the managerial perspective of the requirements outlined in the standard.
Proving to be of great value to students, consultants, and managers in the