A MANAGEMENT GUIDE
Information Security
based on ISO 27001/ISO 17799
Information is the currency of the information age and in many cases is t... » 

A MANAGEMENT GUIDE
Information Security
based on ISO 27001/ISO 17799
Information is the currency of the information age and in many cases is the most valuable asset possessed by an organisation. Information security management is the discipline that focuses on protecting and securing these assets against the threats of acts of nature, fraud and other criminal activity, user error and system failure.
This Management Guide provides an overview of the two international information security standards, ISO/IEC 27001:2005 and ISO/IEC 17799:2005. These standards provide a basis for implementing information security controls to meet an organisation's own business requirements as well as a set of controls for business relationships with other parties.
This Guide provides:
An introduction and overview to both the standards.
The background to the current version of the standards.
Links to other standards, such as ISO 9001, PAS 56 and ISO 20000.
Links to frameworks such as CobiT and ITIL.
Above all, this handy book describes how ISO 27001 and ISO 17799 interact to guide organisations in the development of best practice information security management systems.
The sister publication Implementing Information Security is also available from Van Haren Publishing.
'... of the high standard that I have come to expect of the author's work...' Dr Jon G. Hall, The Open University «