Most ISO27001 implementations will involve a Windows® environment at some level. Unfortunately, there is often a knowledge gap between those trying to implement ISO27001 and the IT specialists trying to put the necessary best practice controls in place using Microsoft®’s technical controls. ISO27001 in a Windows® Environment bridges that gap and gives essential guidance to everyone involved in a Windows®-based ISO27001 project.
The third edition of ISO27001 in a Windows® Environment covers Windows® 8 and Microsoft® Windows Server® 2012. It is also completely aligned to ISO27001:2013, the latest version of the international standard for information security management.
1. Information and Information Security; 2. Using an ISMS to Counter the Threats; 3. An Introduction to ISO27001; 4. Identify your Information Assets; 5. Conducting a Risk Assessment; 6. An Overview of Microsoft Technologies; 7. Implementing ISO27001 in a Microsoft environment; 8. Securing the Windows® environment; 9. Securing the Microsoft® Windows Server® platform; 10. Auditing and Monitoring; 11. Securing your Servers; 12. Appendix 1: Overview of security settings for Windows Server® 2008 and 2012 servers and domain controllers; 13. Appendix 2: Bibliography, Reference and Further Reading