ISO/IEC 27001:2022: An introduction to information security and the ISMS standard
About this ebook
Written by an acknowledged expert on the ISO/IEC 27001 Standard, ISO 27001:2022 – An Introduction to information security and the ISMS standard is an ideal primer for anyone implementing an information security management system aligned to ISO 27001:2022.
The guide is a must-have resource giving a clear, concise and easy-to-read introduction to information security, providing guidance to ensure the management systems you put in place are effective, reliable and auditable.
This pocket guide will help you to:
- Make informed decisions
Using this guide will enable the key employees in your organisation to make better decisions before embarking on an information security project.
- Ensure everyone is up to speed
This guide will give the non-specialists on the project board and in the project team a clearer understanding of what an information security management system involves, reflecting the ISO 27001:2022 version of the Standard.
- Raise awareness among staff
Ensure that your staff know what is at stake with regard to information security and understand what is expected of them with this pocket guide.
- Enhance your competitiveness
Use this guide to begin your ISO 27001:2022 implementation journey and let your customers know that the information you hold about them is managed and protected appropriately.
Get up to speed with the ISO 27001:2022 updates and keep your information secure.
About the author:
Steve is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.
Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He chairs the UK national committee (IST 33) that mirrors SC 27 and is the Chair of the UK ISO/IEC 27001 User Group.
He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.
Table of contents:
Introduction
Chapter 1: Information security – What’s that?
Chapter 2: It’s not IT
Chapter 3: ISO 27001 and the management system requirements
Chapter 4: Legal, regulatory and contractual requirements and business risk
Chapter 5: Information security controls
Chapter 6: Certification
Chapter 7: Signposting
Further reading
Steve Watkins
STEVE WATKINS is a professor of English at the University of Mary Washington. He is the author of a collection of stories, My Chaos Theory, and two young adult novels, Down Sand Mountain and What Comes After. Watkins is also an award-winning journalist whose work has appeared in publications including LA Weekly, Poets and Writers, and the Nation.
Reviews for ISO/IEC 27001:2022
4 ratings, 1 review
- Rating: 5 out of 5 stars. Don't miss out. Highly recommended.
Basic ISO27001 explained in an easy to understand manner
Book preview
ISO/IEC 27001:2022 - Steve Watkins
INTRODUCTION
This pocket guide is intended to meet the needs of two groups:
1. Individual readers who have turned to it as an introduction to a topic that they know little about.
2. Organisations implementing, or considering implementing, some sort of information security management regime, particularly if using ISO/IEC 27001:2022, that wish to raise awareness.
In either case, the guide gives readers an understanding of the basics of information security, including:
• A definition of information security;
• How managing information security can be achieved using an approach recognised worldwide as good practice;
• The factors that need to be considered in an information security regime, including how the perimeters of such a scheme can be properly defined;
• How an information security management system (ISMS) can ensure it is maximising the effect of any budget it has;
• Key areas of investment for a business-focused ISMS; and
• How organisations can demonstrate the degree of assurance they offer with regard to information security, how to interpret claims of adherence to the ISO 27001 standard and exactly what that means.
Corporate bodies will find this guide useful at a number of stages in any information security project, including:
• At the decision-making stage, to ensure that those committing to an information security project do so from a suitably informed position;
• At project initiation, as an introduction to information security for the project board, project team members and other key contributors; and
• As part of an ongoing awareness campaign, being made available to all staff and to new starters as part of their induction.
Corporate users may find they get the most benefit by making this pocket guide available and adding a small flyer inside it, which explains how various sections relate to their own specific environment, or where the issues raised in this guide are addressed in their own ISMS. For example:
This pocket guide is designed to be read without having to break frequently from the text, but there is a list of abbreviations along with terms and definitions in Chapter 7 for easy reference. Where footnotes have been added they are not essential reading, and it is recommended you ignore these on your first read through if you are new to the subject – on a second reading they will be of more relevance, and particularly if you are involved in an information security project or