Book description
The audit process can be daunting, as an auditor can direct questions at any employee within your organisation. Written in a clear, plain style, this pocket guide offers a tried and tested briefing, and should be issued to staff in advance of the audit to help them prepare for the experience and be well equipped to answer questions when asked.
This pocket book explains what an ISO 27001 assessment is, why organisations bother with them, and what individual staff should do and, perhaps as importantly, not do if an auditor chooses to question them.
The book covers:
- What an assessment is
- Why information security is important
- What happens during an assessment
- What to consider when answering an auditor's questions
- What happens when an auditor finds something wrong
- Your policies and how to prepare
- Further information: who to ask
This pocket book is the perfect tool to train everybody inside your organisation to play their part in your ISO 27001 assessment.
Table of contents
- ITG POCKET GUIDES
- CONTENTS
- INTRODUCTION
- CHAPTER 1: WHAT ARE ASSESSMENTS?
- CHAPTER 2: WHY INFORMATION SECURITY?
- CHAPTER 3: WHAT ACTUALLY HAPPENS DURING AN ASSESSMENT?
- CHAPTER 4: ANSWERING AUDITORS’ QUESTIONS
- CHAPTER 5: WHAT HAPPENS WHEN THE AUDITOR FINDS SOMETHING WRONG?
- CHAPTER 6: POLICIES
- CHAPTER 7: FURTHER ADVICE AND ASSISTANCE
- APPENDIX 1: DEFINITIONS OF TERMS
Product information
- Title: ISO27001 Assessments Without Tears
- Author(s):
- Release date: March 2007
- Publisher(s): IT Governance Publishing
- ISBN: 9781849281164