Foundations of Information Security Based on ISO27001 and ISO27002

Information security issues impact all organizations; however measures used to implement effective measures are often viewed as a businesses barrier costing a great deal of money. This practical title clearly explains the approaches that most organizations can consider and implement which helps turn Information Security management into an approachable, effective and well-understood tool. It covers: The quality requirements an organization may have for information; The risks associated with these quality requirements; The countermeasures that are necessary to mitigate these risks; Ensuring business continuity in the event of a disaster; When and whether to report incidents outside the organization. All information security concepts in this book are based on the ISO/IEC 27001 and ISO/IEC 27002 standards. But the text also refers to the other relevant international standards for information security.