Chapter 20. How do you go About ISO 27001?

Once the board has recognized the need to deploy a structured information security management system, the steps to implementation are relatively straightforward. There are three preparatory steps that should be taken in every instance.

Preparation

The first is to obtain, and study, copies of both ISO 27001 and ISO/IEC 17799:2005. It is against these standards specifically that compliance will be measured and they, therefore, have precedence over any other guidance or commentary. Copies of the standards can be obtained from your national standards body or from www.itgovernance.co.uk (IT Governance Ltd is an authorized BSI international distributor).

The second is to obtain, and study, detailed guidance on ...
