BIP 0072:2013 Are you ready for an ISMS audit based on 27001?

Are you ready for an ISMS audit based on ISO/IEC 27001?

Status: Current | Published: November 2013



This second edition provides user guidance on preparing for an ISMS certification audit. It is based on the new editions of ISO/IEC 27001, ISO/IEC 27006 and ISO 27007.

The book acts as a practical guide for organizations wishing to carry out internal assessment of their information security management system (ISMS) against the requirements in the new ISO/IEC 27001:2013.

It is of particular interest to those concerned with ISMS (information security management system) certification, and is essential reading for those who already have an ISMS certified against the previous edition or who are about to embark on the process of certification.

This book provides guidance on the complete “life cycle” of ISMS processes and activities required to establish, implement, monitor and continually improve a set of management controls and processes to achieve effective information security.

It will help those involved in certification audits understand the transition from the old to the new editions of ISO/IEC 27001 and ISO/IEC 2700, and includes new references and definitions.

The book is applicable to organizations of any size, government departments and agencies, certification and accreditation bodies, training organizations, academic institutions, implementers, auditors, consultants, trainers and lecturers.

Edward Humphreys (Chartered Fellow of the BCS - FBCS CITP, CISM) has been an expert in the field of information security and risk management for more than 35 years. During this time, he has provided consultancy to major international companies (Europe, North/South America and Asia) and has worked for many years as senior advisor to the European Commission. He is convenor of the ISO/IEC working group that is responsible for the development and maintenance of the family of ISO/IEC 27001 ISMS standards.

Bridget Kenyon (CISSP) is Head of Information Security for University College London. Her experience in information security started in 2000 with a role in network vulnerabilities at DERA, following which she has been a Qualified Security Assessor against PCI DSS, the Information Security Officer for Warwick University and has held a variety of roles in consultancy and academia. She is editor for ISO/IEC 27013, and now chairs BSI Panel 1. She also chairs the Janet IG Working Group, which aims to provide HE input into the NHS’s Information Governance Toolkit.


1 Introduction
1.1 Scope of this guide
1.2 Use of the standards
1.3 Companion guides
2 Identifying the ISMS scope
3 How to use this guide
3.1 ISMS process requirements
3.2 Annex A control requirements
4 ISMS processes workbook (assessment of ISMS process requirements)
5 Annex A Gap Analysis Workbook (assessment of ISMS controls)


Standard Number: BIP 0072:2013
Title: Are you ready for an ISMS audit based on ISO/IEC 27001?
Publication Date: 13 November 2013
Replaces: BIP 0072:2005
Descriptors: Data processing, Computers, Management, Data security, Data storage protection, Anti-burglar measures, Information systems, Documents, Records (documents), Classification systems, Computer technology, Computer networks, Technical documents, Maintenance, Information exchange IT and Information Management: Information Security
ISBN: 978 0 580 82913 0
File Size: 705 KB

Customers who bought this product also bought

  • BIP 0073:2013
    Guide to the Implementation and Auditing of ISMS Controls based on ISO/IEC 27001
  • BIP 0071:2013
    Guidelines on Requirements and Preparation for ISMS Certification based on ISO/IEC 27001
  • BIP 0140:2013
    Understanding the new ISO Management System Requirements
  • BIP 0076
    Information security risk management Handbook for ISO/IEC 27001