Information Security Risk Management for ISO27001/ISO27002 by Steve Watkins

Summary

Describes in practical detail how to carry out an information security risk assessment based on international best practice standards such as ISO/IEC 27005, NIST SP800-30 and BS7799-3.

Drawing on international best practice, including ISO/IEC 27005, NIST SP800-30 and BS7799-3, the book explains in practical detail how to carry out an information security risk assessment. It covers key topics, such as risk scales, threats and vulnerabilities, selection of controls, and roles and responsibilities, and includes advice on choosing risk assessment software.

Alan Calder is an acknowledged international cyber security guru and a leading author on information security and IT governance issues.

Alan co-wrote (with Steve Watkins) the definitive compliance guide, IT Governance: An International Guide to Data Security and ISO27001/ISO27002 (now in its sixth edition), which is the basis for the UK Open University’s postgraduate course on information security. This work draws on his experience leading the world’s first successful implementation of BS 7799 (now ISO 27001).

Steve is an authority on information security management and ISO 27001 implementation.

He is Chair of the ISO/IEC 27001 User Group – the UK Chapter of the ISMS International User Group – and is an ISMS Technical Assessor for UKAS, advising on its assessments of certification bodies offering accredited certification. Steve sits on the IST/33 committee responsible for the UK’s contributions to the revisions of the ISO 27000 series of standards and on RM/1, the committee responsible for BS 31100 – the British standard for risk management – and for the UK’s contributions to ISO 31000.

ISBN 13 9781849280433
ISBN 10 1849280436
Title Information Security Risk Management for ISO27001/ISO27002
Author Steve Watkins
Binding Type Paperback
Publisher IT Governance Publishing
Year published 2010-04-27
Number of pages 198