ISO 27001 Risk Management in Plain English
THE SHORT HANDBOOK CONTAINING EXPERT GUIDANCE FOR THE RISK MANAGEMENT OF ISO 27001
Author and experienced information security consultant Dejan Kosutic has created this shorter book, as part of the handbook ISO pocket book series, focused solely on the issues of risk management according to ISO 27001.
This book, ISO 27001 Risk Management in Plain English, is based on an excerpt from his previous book Secure & Simple. It provides a quick read for people who are focused solely on risk management, and don’t have the time (or need) to read a comprehensive book about ISO 27001. It has one aim in mind: to give you the knowledge and practical step-by-step process you need to successfully implement ISO 27001 risk assessment and treatment – without struggle, stress, or headaches.
In the first of this series, ISO 27001 Risk Management in Plain English, you will learn:
- What ISO 27001 requires for risk assessment and treatment
- What the steps in risk management are
- How to develop the risk assessment and treatment methodology
- Which options exist for risk management according to ISO 27001
- Which documents are required for risk management
Formats: PDF, MOBI and ePub – for Kindle and any smartphone, including iPhone, Android, and Windows Phone
WHO IS THIS BOOK FOR?
- Beginners in risk assessment and treatment. This book is written primarily for beginners in this field and for people with moderate knowledge about risk assessment and treatment – no prior experience or knowledge about information security is required.
- ISO 27001 consultants. This book gives you the methodology on how to carry out risk management projects, helping you to gain the know-how for your future consulting engagements.
- Experienced information security professionals. This book brings all the knowledge you need (and additional insights) together in one comprehensive and systematic volume, helping to fill any gaps you may have.
- Small or mid-size companies. This book is perfect for IT administrators, information security professionals, heads of IT departments, or project managers tasked with implementing risk management in a small or mid-sized company.