Uncover the nine simple steps and six secrets to ISO 27001 certification success with this bestselling title.
Revealing the methodology used by consultants in hundreds of successful ISMS implementations, this book will help you through every stage of your ISO 27001 project.
In sensible, non-technical language, this guide will take you through the key steps of an ISO 27001 project to ensure its success – from inception to certification:
Now in its third edition and aligned to ISO 27001:2013, this guide is ideal for anyone tackling the Standard for the first time. Download a sample of this book here.
Get management support and keep the board’s attention;
Create a management framework and perform a gap analysis, so you can clearly understand the controls you already have in place and identify where you need to focus your efforts;
Structure and resource your project – including advice on whether to use consultants or do it yourself, and an examination of the available tools and resources that will make your job easier;
Conduct a five-step risk assessment, and create a Statement of Applicability and a risk treatment plan;
Integrate your ISO 27001 ISMS with an ISO 9001 QMS and other management systems;
Address the documentation challenges you’ll face as you create business policies, procedures, work instructions and records – including viable alternatives to a costly trial-and-error approach;
Continually improve your ISMS, including internal auditing and testing, and management review;
This title will give you the guidance you need to understand the Standard’s requirements and ensure your implementation project is a success, which includes six secrets to certification success.
Achieving and maintaining accredited certification to ISO 27001, the international standard that sets out the requirements of an ISMS, can be a complicated undertaking, especially for implementers who are new to the Standard.
The author, Alan Calder, knows ISO 27001 inside out: he is the founder and executive chairman of IT Governance, and he led the implementation of the first management system to achieve accredited certification to BS 7799 – the forerunner to ISO 27001 – and has been working with the Standard and its successors ever since.
Hundreds of organisations around the world have achieved accredited certification to ISO 27001 with IT Governance’s guidance – which is distilled in this book.