Authored by an internationally recognized expert in the field, this expanded, timely second edition addresses all the critical information security management issues needed to help businesses protect their valuable assets. Professionals learn how to manage business risks, governance and compliance. This updated resource provides a clear guide to ISO/IEC 27000 security standards and their implementation, focusing on the recent ISO/IEC 27001. Moreover, readers are presented with practical and logical information on standard accreditation and certification. From information security management system (ISMS) business context, operations, and risk, to leadership and support, this invaluable book is your one-stop resource on the ISO/IEC 27000 series of standards.
Information Security; ISO/IEC 27001 ISMS Family; ISMS Business Context; Managing the ISMS Risks; ISMS Leadership and Support; Controls to Modify the Risks; ISMS Operations; Performance Evaluation; Improvements to the ISMS.
-
Edward Humphreys
Edward Humphreys is a visiting professor across Europe and Asia for short courses in ISMS, cyber resilience, risk management and risk psychology. He is the convener of the ISO/IEC JTC 1/SC 27 responsible for the development and maintenance of the family of ISO/IEC 27001 ISMS standards.