Год выпуска: 2009 Автор: brian Honan Издательство: Страниц: 316 ISBN: 1905356781
Описание
The information security management standard (ISMS), ISO/IEC 27001, provides a significant implementation challenge for all organisations. ISO27001 is a management standard: it sets out a specification for how management should identify, from a business risk perspective, the controls and safeguards that should be applied to information assets in order to assure their confidentiality, integrity and confidentiality. Management - and also the ISMS implementation project manager - will usually have a general or quality management background. A significant number of the controls to be applied will, of necessity, be technical and will relate to how IT hardware and software are set up and configured. The technical knowledge to carry out this configuration is usually within the IT or corporate information security team and, because information security is a business responsibility, this team should never have overall accountability for determining the actual controls required by the ISMS. As...
