International IT Governance

An Executive Guide to ISO 17799/ISO 27001

Alan Calder, Steve Watkins

384 pages, parution le 27/07/2006

Ajouter à une liste

Indisponible

Résumé

The development of IT Governance, which recognizes the convergence between business and IT management, makes it essential for managers at all levels and in organizations of all sizes to understand how best to deal with information security risks. International IT Governance explores new legislation, including the launch of ISO/IEC 27001, which makes a single, global standard of information security best practice available.

L'auteur - Alan Calder

Alan Calder is CEO of Wide Learning, a supplier of e-learning, and was previously CEO of Focus Central London and, before that, of Business Link London City Partners (BLLCP). He was also a member of the DTIs Information Age Competitiveness Working Group. He is a non-executive director of DNV Certification Services Ltd, a company that certifies compliance with international standards including BS 7799. He is also a Director of IT Governance Ltd, which provides information security services through its web site at www.itgovernance.co.uk

L'auteur - Steve Watkins

Steve Watkins is Corporate Services Manager of HMCPSI and was Head of Quality and Operations at Focus Central London and was, before that, Quality Manager at Business Link. Alan Calder and Steve Watkins were responsible for one of the first companies (BLLCP) to achieve BS 7799 registration when the standard was first promulgated in 1996. They have aided other organizations since then to implement effective information security management systems, and have been involved in the development of both the accredited certification scheme and related training standards.

Sommaire

Why is information security necessary?
Sarbanes Oxley and Regulatory Compliance
ISO 27001
Organizing information security
Information security policy and scope
The risk assessment and statement of applicability
External parties
Asset management
Human resources security
Physical and environmental security
Equipment security
Communications and operations management
Controls against malicious software(malware) and back ups
Network security management and media handling
Exchanges of information and software
Electronic commerce services
E-mail and Internet use
Access control
Network access control
Operating system access control
Application access control and teleworking
Systems acquisition, development and maintenance
Cryptographic controls
Security in development and support processes
Monitoring and information security incident management
Business continuity management
Compliance
The ISO/IEC 27001 audit

Voir tout

Replier

Caractéristiques techniques

	PAPIER
Éditeur(s)	Kogan Page
Auteur(s)	Alan Calder, Steve Watkins
Parution	27/07/2006
Nb. de pages	384
Format	16 x 23,5
Couverture	Broché
Poids	660g
Intérieur	Noir et Blanc
EAN13	9780749447489
ISBN13	978-0-7494-4748-9