
Introduction to ISO/IEC 27001:2022/Amd 1:2024

ISO/IEC 27001:2022/Amd 1:2024 is the requirements standard for an information security management system, or ISMS for short. With more than 49,000 registrations worldwide, it defines the internationally accepted way to manage information security in your organization. You can use it to manage your exposure to information security risk, which is good governance, and to give confidence to others that you do, which is called market assurance.
The standard was first published as an ISO standard in 2005. Sweeping changes were made in 2013, because from 2012 all new and revised management system standards conform to new ISO directives concerning layout and content (the Harmonized Structure). The standard was also updated to align it with new ISO risk management principles, and to reflect the lessons learnt worldwide in using ISMSs. The 2022 edition updates the standard’s reference control set to align it with the control text given in the latest edition of ISO/IEC 27002. The information security requirements are unchanged, but the core management system requirements have been updated for alignment with the latest edition of the Harmonized Structure.
Whilst the standard is very clear about specifying what must be done to create and use an ISMS, implementation is beyond the remit of a management system standard. To compensate for this, this book is full of practical how-to guidance.
It explains the ISMS requirements and provides fresh insights into understanding management systems in general and especially ISMS. It gives advice on risk assessment and risk treatment, a clear explanation of the purpose of the ‘Statement of Applicability’ (SOA) and advice on determining controls in practice. There is also guidance on assessing information security performance and the effectiveness of the ISMS processes.
The amendment (Amd 1:2024) clarifies the need to consider climate change as a possible internal or external issue. It is an amendment that has affected all management system standards and is a consequence of the “London Declaration”. Approved in September 2021, the London Declaration seeks to combat climate change through standards. It defines ISO’s commitment to achieve the climate agenda by 2050.
This book has been designed so that you can read it from cover to cover to gain a comprehensive understanding of the standard, and then later use it as a reference book.

Kindle Edition

Published June 1, 2024

About the author

David Brewer

55 books, 23 followers
