The Case for ISO 27001

by Mark Rowe

Author: Alan Calder

ISBN No: 9781 849285308

Review date: 29/03/2024

No of pages: 112

Publisher: IT Governance

Publisher URL: http://www.itgovernance.co.uk

Year of publication: 17/12/2013

Brief: The Case for ISO 27001

Price: £24.95

A book making the case for the information security management standard ISO 27001 is in fact much more than that – it’s as good a short introduction to info-security, and security management in general, as you could wish to find, writes Mark Rowe.

The author starts by reminding us how far we have come in 20 years: from paper records and faxes to intangible assets, mostly intellectual capital, worth much more than tangible assets. “Information is the lifeblood of the modern business.” It has to be available, yet kept confidential, and with integrity intact (you don’t want a nought taken off your bank account, any more than the bank wants one added by mistake). Alan Calder goes through the threats, and yet notes that business rewards come from taking risks. Hardware or software solutions from vendors ‘no longer cut the mustard’ and on their own are in fact ‘dangerously inadequate’, he argues, because, as he reminds us, data security is a mix of technology, procedure and human behaviour. He whizzes through what the ISO 27001 standard can offer: he calls it ‘a vendor-independent, system-agnostic information security framework’ that anyone can apply to manage risks. Info-security, he says, is a governance issue, and not simply for the IT department. Given that it does not make commercial sense to protect every asset against every risk, and you cannot have 100 per cent security, you need guidelines and priorities. It’s one for the board. Calder has done a grand job of setting out the case, briefly.

The Case for ISO 27001 (2013), by Alan Calder, second edition, published 2013 by IT Governance. Visit www.itgovernance.co.uk. Paperback, 112 pages, £24.95, ISBN 9781 849285308.

© 2024 Professional Security Magazine. All rights reserved.