Tackling ISO 27001 for the first time can be daunting to say the least. It would be nice to have experienced, skilful people on your team to help the project along, but most organisations are not so lucky.
You really just want a friendly face with all the answers, who’s constantly there…
Well, while we can’t teleport Alan Calder to your office, we can give you his book.
Nine Steps to Success: An ISO 27001:2013 Implementation Overview has long been one of our bestselling titles, and it’s easy to see why when we get feedback like this:
“It’s like having a $300/hr consultant at your elbow as you consider the aspects of gaining management support, planning, scoping, communication, etc.”
Uncovering nine steps and six secrets to implementing ISO 27001
Covering every aspect of implementing ISO 27001, this book tackles notorious problems such as getting management support and the secrets of successfully certifying, as well as:
- Getting management support and keeping the board’s attention;
- Creating a management framework and performing a gap analysis so that you can clearly understand the controls you already have in place and identify where you need to focus your efforts;
- Structuring and resourcing your project – including advice on whether to use consultants or do it yourself, and an examination of the available tools and resources that will make your job easier;
- Conducting a five-step risk assessment, and creating a Statement of Applicability and a risk treatment plan;
- Guidance on integrating your ISO 27001 ISMS with an ISO 9001 QMS and other management systems;
- Addressing the documentation challenges you’ll face as you create business policies, procedures, work instructions and records – including viable alternatives to a costly trial-and-error approach;
- Continual improvement of your ISMS, including internal auditing and testing, and management review;
- The six secrets to certification success.
Updated to reflect the implementation methodology used by IT Governance consultants in hundreds of successful ISMS implementations around the world, this title provides a comprehensive overview of how to lead a successful ISO 27001-compliant ISMS implementation in just nine steps.
Alan Calder knows ISO 27001 inside out: the founder and executive chairman of IT Governance, he led the implementation of the management system that achieved the world’s first accredited certification to BS 7799 – the forerunner to ISO 27001 – and has been working with the Standard ever since. Hundreds of organisations around the world have achieved accredited certification to ISO 27001 with IT Governance’s guidance – which is distilled in this book.
In Nine Steps to Success – An ISO 27001 Implementation Overview, Alan provides a comprehensive overview of how to lead a successful ISO 27001-compliant ISMS implementation in just nine steps.
Additional useful resources:
- ISO IEC 27001 2013 and ISO IEC 27002 2013 – The core standards.
- IT Governance – An International Guide to Data Security and ISO27001/ISO27002, Sixth Edition – For further technical information on the implementation process.
- ISO 27001 ISMS Documentation Toolkit – Pre-written templates developed by industry experts to help accelerate your projects.
- vsRisk – A leading risk assessment tool to help speed up your risk assessments.