Implementing Information Security Based on ISO 27001 and ISO 17799: A Management Guide (Best Practice)

This title covers the implementation issues of the information security standards up to and including audits. Pivotal to this it covers the installation of an ISMS, or Information Security Management System. This is defined as "That part of the overall management system, based on a business risk approach, to establish, implement, operate, monitor, review, maintain and improve information security. The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources."