book

Selling Information Security to the Board

by Alan Calder

March 2016

Beginner

67 pages

1h 4m

English

IT Governance Publishing

Read now

Unlock full access

Content preview from Selling Information Security to the Board

CHAPTER 11: LEVERAGING ISO27001

The International Standard for best practice in information security management is ISO/IEC 27001. This standard provides a detailed specification for how an organisation should select information security controls, on the basis of a risk assessment, to counter threats to the confidentiality, integrity and availability of the organisation’s information assets.

The Standard is written to be technology neutral and sector agnostic; it is as applicable to large organisations as to small, and to the private sector, the public sector and the third, or voluntary, sector. Any organisation that complies with the Standard can have its management system audited by an accredited third party certification body and will then ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

How I Built a Personal Board of Directors With GenAI

Vipin Gupta

Designing a HIPAA-Compliant Security Operations Center: A Guide to Detecting and Responding to Healthcare Breaches and Events

Eric C. Thompson

A concise introduction to the NIS Directive - A pocket guide for digital service providers

Alan Calder

Evidence-Based Security

Christopher Frenz, Jonathan Reiber

Publisher Resources

ISBN: 9781849288019