Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Information Security Management Handbook

ISO : 25 October, 2010  (New Product)
The ISO has published a handbook aimed at small and medium sized businesses to assist in the implementation of information security management standards
ISO and the International Electrotechnical Commission (IEC) have just launched a new handbook providing practical advice for small and medium-sized enterprises (SMEs) on how to achieve the benefits of implementing an information security management system (ISMS) based on the International Standard ISO/IEC 27001.

Published in 2005, ISO/IEC 27001 is one of the fastest growing management system standards, being implemented by thousands of organizations in more than 100 countries.

ISO/IEC 27001 for Small Businesses - Practical advice takes the mystery out of information security and presents a practical, clearly explained step-by-step approach for SMEs to implementing an ISMS based on ISO/IEC 27001.

ISO Secretary-General Rob Steele and IEC General Secretary Ronnie Amit comment in the foreword to the handbook: 'An information security management system based on ISO/IEC 27001:2005 can empower the small business to compete successfully on today's globalizing markets. This handbook is intended to provide the key to the door.'

The advice given is based on the premise that information is an asset, which, like other important business assets, adds value to an organization and consequently needs to be protected. Information security protects information from a wide range of threats in order to ensure business continuity, minimize business damage and maximize return on investments and business opportunities. An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It encompasses people, processes and information technology systems.

Information may concern an organization's products, processes or markets. It may be sensitive information entrusted by the organization's customers, suppliers or stakeholders. It may be stored in paper form, but is increasingly digital.

If information is power, then failure to protect that information can render the organization powerless by ruining its organization's reputation, resulting in escalating financial losses and wreaking havoc with business operations.

ISO/IEC 27001:2005 specifies the processes for enabling an organization to establish, implement, review and monitor, manage and maintain an effective ISMS. Its implementation will reassure customers and suppliers that information security is taken seriously within the organizations they deal with because the latter have in place state-of-the-art processes to deal with information security threats and issues.

ISO/IEC 27001 for Small Businesses - Practical advice, A5 format, is printed in English (ISBN 978-92-67-10517-8, 138 pages) and French (ISBN 978-92-67-20517-5, 142 pages) editions. It is available from ISO national member institutes (see the complete list with contact details). It may also be obtained directly from the ISO Central Secretariat, price 50 Swiss francs, through the ISO Store or by contacting the Marketing, Communication & Information department (see right-hand column), and from the IEC through the IEC Webstore or the IEC National Committee appointed sales outlets or by contacting the IEC Customer Service Centre.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo