Skip to Main Content
Information Security Risk Assessment Workshop – 22 October 2024. Sign up now.
ISO 27001 controls – A guide to implementing and auditing, Second edition

ISO 27001 controls – A guide to implementing and auditing, Second edition

SKU: 5984
Authors: Bridget Kenyon
Publishers: ITGP
Format: e-book
ISBN13: 9781787784314
Pages: 249
Published: 11 Jul 2024
Availability: Available
Format: ePub
ISBN13: 9781787784321
Pages: 249
Published: 11 Jul 2024
Availability: Available

Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001:2022 certification.

The book covers the following:

  • Implementation guidance – what needs to be considered to fulfil the requirements of the controls from ISO/IEC 27001:2022, Annex A. This guidance is aligned with ISO/IEC 27002:2022, which gives advice on implementing the controls.
  • Auditing guidance – what should be checked, and how, when examining the ISO/IEC 27001:2022 controls to ensure that the implementation covers the ISMS control requirements. 

 

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on +44 (0)333 800 7000.

Paperback formats are available for all IT Governance Publishing titles on request.
Please contact us for further information:

team@itgovernancepublishing.co.uk +44 (0)333 666 9000

Options:
Price: £29.95
Overview

Following the success of the first edition, this book has been re-released to reflect the ISO/IEC 27001:2022 and ISO/IEC 27002:2022 updates.

Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001:2022 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001:2022. Similarly, for anyone involved in internal or external audits, the book includes the definitive requirements that auditors must address when certifying organisations to ISO 27001:2022.

The auditing guidance covers what evidence an auditor should look for to satisfy themselves that the requirement has been met. This guidance is useful for internal auditors and consultants, as well as information security managers and lead implementers as a means of confirming that their implementation and evidence to support it will be sufficient to pass an audit.

This guide is intended to be used by those involved in:

  • Designing, implementing and/or maintaining an ISMS;
  • Preparing for ISMS audits and assessments; or
  • Undertaking both internal and third-party ISMS audits and assessments.
About the author

Bridget Kenyon

Bridget Kenyon is the Chief Information Security Officer for SSCL. She is responsible for managing strategy and information security activities for the whole organisation, including internal and customer-facing elements. In parallel to her main role, Bridget has been on the ISO editing team for ISMS standards since 2006; she has served as Lead Editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020.

Joining DERA in 2000 to work on network vulnerabilities, Bridget discovered her passion for information and cyber security. Following this, she has been a Qualified Security Assessor against PCI DSS, Head of Information Security for UCL, and has held operational and consultancy roles in both industry and academia. She is a member of the UK Advisory Council for ISC2, and a Fellow of the Chartered Institute of Information Security.

Bridget’s interests lie in finding the edges of security which you can peel up, and the human aspects of system vulnerability. She’s the sort of person who will always have a foot in both the technical and strategy camps. She enjoys helping people to find solutions to thorny problems, and strongly believes that cyber and information security are fundamental to resilient business operations, not “nice to haves”.

Customer Reviews

NCSAM:
Save 15%
here
Loading...