ISO 27001 ISMS Handbook: Implementing and auditing an Information Security Management System in small and medium-sized businesses

This book takes a difficult standard and explains it from the point of view of someone who assesses organizations against it; he has seen many different implementations of it!The standard is stepped through, with clarifying notes and observations throughout, as well as presenting a clear explanation of what the standard is about, and why.The book is very easy to read and understand; if it’s your job to implement the standard, this book makes clear what you have to do. If you are a manager, read the book to understand what you are asking your team to do.I strongly recommend that you read this book BEFORE hiring consultants; after reading the book, if you still don’t feel confident enough to implement the whole system yourself, you will at least have a very clear idea of what you want consultants to do, rather than giving them free reign!If you need ISO 27001, this book should be on your desk!