BIP 0139:2013 An Introduction to ISO/IEC 27001:2013

Find Similar Items

This product falls into the following categories.

You may find similar items within these categories by selecting from the choices below:

BIP 0139:2013

An Introduction to ISO/IEC 27001:2013

Status : Current   Published : October 2013


ISO/IEC 27001:2013 focuses on specific recommendations to help you establish your own Information Security Management System (ISMS), monitor its performance and implement necessary improvements where necessary.

The new standard has been written using the high level structure that will be common to all new management system standards. This will allow easier integration when implementing more than one management system within your organization.

This standard is less prescriptive, allowing greater flexibility on how requirements are satisfied, thereby giving organizations greater freedom to implement requirements in a manner best suited to them.

This book serves as a basic introduction to ISO/IEC 27001:2013 and acts as a straight-forward guide to implementation. It includes a practical, easy to use assessment/risk treatment method that delivers results directly expressed in business meaningful terms.

The book is aimed primarily at people are looking for straight-forward overview of the standard and how to implement it. You can be new to the sector, new to the job, or new to the standard – this useful pocket guide has all the information you need to get you started.

The guidance in this book is applicable to a wide range of differing ISMS implementations appropriate to SMEs as well as much larger organisations

Dr. David Brewer was one of the first consultants to advise the British Government on information security matters, providing assistance to establish the first ever computer security evaluation facilities and evaluation criteria, and is a a co-author of the original ISMS standard, BS 7799 Part 2.

He is now an active member of the UK delegation to ISO JTC 1 SC27 WG1, which is responsible for the IS27000 family of standards; and is co-editor for the revision of ISO/IEC 27004 (Measurements). He is well known for his work in rolling out ISO/IEC 27001 to the whole of the Civil Service in Mauritius, which is an exemplar of his ISMS implementation methodology, and his ability to train people to train others.



Introduction - Preface, What this book is about, How to use this book, Benefits 

Chapter 1 – Information Security Management SystemsIntroduction, Purpose and benefits, Understanding management system standards, Structure of the ISO/IEC 27001 standard, Management system versus information security specific requirements, Relation with other standards

Chapter 2 - Management system-specific requirementsIntroduction, Continuous improvement, Scope, organisation and context, Policy and objectives, Risks and opportunities, Operation, Performance evaluation and actions, Management and support

Chapter 3 – Information security-specific requirements, Introduction, Risk assessment and risk treatment, Identifying controlsThe Statement of Applicability, Evaluating effectiveness

Chapter 4 - Implementation guidance, Introduction, Implementation strategies, Preparation and project planning, Choice of documentation media, Risk assessment/risk treatment methods, Identifying controls in practice, Management system process examples, Dos and don’ts


Other information security books you might be interested in...

From a more detailed understanding of the new standard to guidelines on implementation, certification and audits, we have a number of books to help you make your transition.

Standard NumberBIP 0139:2013
TitleAn Introduction to ISO/IEC 27001:2013
Publication Date04 October 2013
DescriptorsData processing, Computers, Management, Data security, Data storage protection, Anti-burglar measures, Information systems, Documents, Records (documents), Classification systems, Computer technology, Computer networks, Technical documents, Maintenance, Information exchange
ISBN978 0 580 82165 3
File Size0 KB

 Your basket
Your basket is empty

Take the smart route to manage medical device compliance

Join us for the 10th anniversary Fire Safety Conference.

Collaborate, Innovate, Accelerate.

Worldwide Standards
We can source any standard from anywhere in the world

Customers who bought this product also bought

  • BIP 0140:2013
    Understanding the new ISO Management System Requirements
  • BIP 0073:2013
    Guide to the Implementation and Auditing of ISMS Controls based on ISO/IEC 27001
  • BIP 0071:2013
    Guidelines on Requirements and Preparation for ISMS Certification based on ISO/IEC 27001
  • BIP 0141:2013
    ISO 27001:2013 ISMS Standalone Documentation Toolkit