Implementing the ISO/IEC 27001 Information Security Management System Standard, Third Edition

Author:   Edward Humphreys
Publisher:   Artech House Publishers
Edition:   3rd Unabridged edition
ISBN:   9781685690755
Pages:   250
Publication Date:   30 June 2025
Format:   Hardback
Availability:   In Print
This item will be ordered in for you from one of our suppliers. Upon receipt, we will promptly dispatch it out to you. For in store availability, please contact us.

Our Price $242.88

Overview

Implementing the ISO/IEC 27001 Information Security Management System Standard, Third Edition is the definitive guide to ISO/IEC 27001, fully updated to align with the 2022 revisions and related ISO/IEC 27000 ISMS standards. This comprehensive resource offers clear, concise guidance for implementing, managing, and certifying an Information Security Management System (ISMS).

This edition incorporates real-world case studies, expert insights, and best practices, serving as a vital reference for organizations of all sizes and industries. It provides practical strategies for implementing, certifying and improving ISMS, and addresses the evolving landscape of information security, governance and compliance. This resource covers risk management, regulatory requirements, leadership responsibilities, and operational security.

This book aligns information security with business objectives and explores emerging challenges such as supply chain security, cloud security, and evolving cyber threats, ensuring organizations remain resilient in an increasingly complex digital environment. With its clear explanations and guidance, this resource is invaluable for managers, CISOs, security risk managers, auditors, certifiers, trainers, regulatory bodies, educators, and anyone responsible for securing organizational data and systems.

Full Product Details

Author:   Edward Humphreys
Publisher:   Artech House Publishers
Imprint:   Artech House Publishers
Edition:   3rd Unabridged edition
ISBN:   9781685690755
ISBN 10:   1685690750
Pages:   250
Publication Date:   30 June 2025
Audience:   Professional and scholarly, Professional & Vocational
Format:   Hardback
Publisher's Status:   Active
Availability:   In Print

Table of Contents

Chapter 1 Information Security
1.1 Importance of being informed
1.2 Globally Connected
1.3 More Ado About Risks
1.4 Decoding the Secret of Information Security Management
1.5 Management and Awareness
1.6 Legislation, Regulation, and Governance
1.7 En Route to a Certified Business Environment

Chapter 2 ISO/IEC 27000 Series
2.1 ISO/IEC Standardization
2.2 Overview of the ISO/IEC 27001 Standard
2.3 Short History of ISO/IEC 27001
2.4 Overview of ISO/IEC 27001: 2022
2.5 Conformance to ISO/IEC 27001

Chapter 3 ISMS Business Case and Context
3.1 ISMS Business Case
3.2 Organizational Context
3.3 Needs and Expectations
3.4 ISMS Scope

Chapter 4 Managing the ISMS Risks
4.1 Importance of Risk and Opportunity
4.2 Risk Management Process
4.3 On-going Re-assessment of Risk

Chapter 5 ISMS Leadership and Support
5.1 Management Policy
5.2 Leadership
5.3 Roles and Responsibilities
5.4 Resources
5.5 Training and Awareness

Chapter 6 Measures to Modify the Risks
6.1 Determining the Controls
6.2 System of Controls
6.3 Control through Policies and Procedures
6.3.1 General
6.4 Example Control Sketches
6.5 Sector and Application Specific Controls
6.6 ISO/IEC 27001 Annex A

Chapter 7 ISMS Operations
7.1 Operational Planning, Management and Control
7.2 On-Going Risk Assessment
7.3 On-Going Risk Treatment
7.4 Example Sketches of Operational Threats
7.5 Example Sketches of Operational Processes
7.6 Incident Management Narrative
7.7 ISMS Availability and Business Continuity Narrative
7.8 ISMS Use Examples

Chapter 8 Performance Evaluation
8.1 Performance, Change and Improvement
8.2 Monitoring and Operational Reviews
8.3 ISMS Measurements Programme
8.4 On-Going Risk Management
8.5 ISMS Internal Audits
8.6 Management Reviews of the ISMS
8.7 Awareness And Communications

Chapter 9 Improvements to the ISMS
9.1 Continual Improvement
9.2 Conformance and Non-conformance
9.3 Making Improvements

Chapter 10 Accredited ISMS Certification
10.1 Overview
10.2 International Certification
10.3 Certification and Accreditation
10.4 Standards Involved
10.5 ISMS Audits

Chapter 11 Coda
11.1 The ISMS - a Living System
11.2 Processes Cycles and Sequences of Activity
11.3 ISMS the Business Enabler

References
About the Author
Index

Author Information

Dr. Edward Humphreys has been an expert in the field of IT security, information security and risk management for more than 41 years. During this time, he has undertaken professional advisory and counselling engagements for major international organizations as well as for governments and the European Commission, Council of Europe, and the OECD.

Countries Available

All regions