Information Security Governance

This title is printed to order. This book may have been self-published. If so, we cannot guarantee the quality of the content. In the main most books will have gone through the editing process however some may not. We therefore suggest that you be aware of this before ordering this book. If in doubt check either the author or publisher’s details as we are unable to accept any returns unless they are faulty. Please contact us if you have any questions.

The increased dependency of organizations (companies, agencies, associations etc.) on information technology has entailed the growing importance of Information Security, making it a critical success factor. At the same time the complexity of Information Security has increased significantly over the last years and it has furthermore been subject to legal specifications like SOX and EUROSOX. In order to handle the raised demands of Information Security and conform to legal requirements, it is essential for organizations to move away from pure IT security (firewall, anti-virus, etc.) and introduce a solid Information Security Governance, which also emphasizes the responsibility of the board and top management. Central part of an Information Security Governance is the Information Security Management System (ISMS). This book describes the motivation and the necessary steps for the implementation of such an ISMS from a Governance point of view in order to contribute optimally to the success of an organization. Furthermore this book also highlights the significance of certification in the area of Information Security and presents possible achievements (ISO 27001, BSI IT-Grundschutz).