New Book Demystifies ISO 27001 Compliance for US Executives
A timely new management book from top IT security authors Alan Watkins and Steve Richards explains in clear language how to create world class information security management systems that address US regulatory requirements and are compliant with the new global ‘gold standard’ of information security, ISO 27001.
London, England (PRWEB) August 23, 2006 -- With US businesses and organisations coming under intense regulatory pressure to secure their data and IT systems, a timely new management book explains in clear language how to create world class information security management systems that address US regulatory requirements and are compliant with the new global ‘gold standard’ of information security, ISO 27001.
‘International IT Governance: An Executive Guide to ISO 17799/ISO 27001’ is written by leading IT security experts Alan Calder and Steve Watkins. The book provides comprehensive, executive-level guidance for the creation of an information security management system conforming to ISO27001/ISO17799, thereby ensuring that corporate data is secure, information assets protected and regulations complied with. The book is based on the authors’ existing, definitive guide to ISO 27001 compliance, which is recommended by the UK’s Department for Trade & Industry, Institute of Directors and Open University. The work has been extensively revised to address US regulatory regimes including HIPAA, GLBA, SB 1386 and other State breach laws, PIPEDA, FISMA and EU Safe Harbor regulations.
By establishing an ISO/IEC 27001-certificated information security management system an organisation puts in place the general control environment that is essential for a successful SOX s404 report. Achieving this certification is significantly less costly than an SAS 70 audit (which frequently costs more than $100,000) and demonstrates to existing and potential customers as well as regulators that the organisation maintains a best-practice information security infrastructure.
‘International IT Governance’ is based on Alan Calder’s experience of leading the world’s first successful implementation of BS 7799, the standard on which the new ISO 27001 is based. Commenting on the new book, he said, “US organisations are becoming very aware of the potential business benefits of a robust information security management system. However, until now it has been difficult for C-suite executives to gain a clear overview of the practical issues and regulatory concerns as they apply in the US. International IT Governance fills this knowledge gap and provides executives with an express route to securing information assets and satisfying regulators at comparatively little cost.”
‘International IT Governance: An Executive Guide to ISO 17799/ISO 27001’ (priced at $80.00) is published by Kogan Page and may be purchased at all good bookstores. It may also be purchased online at www.27001.com. The book comes complete with a free six-month subscription to IT Governance’s exclusive subscriber KnowledgeBase, which enables readers to keep on top of developments and changes in the subject matter of the book after its publication.
NOTES TO EDITORS
Alan Calder is an international authority on information security management. He led the world’s first successful implementation of BS 7799, the information security management standard upon which ISO 27001 is based, and with Steve Watkins wrote the definitive compliance guide for this standard, ‘IT Governance: A Manager’s Guide to Data Security and BS7799/ISO17799’. The 3rd edition of this book is the basis for the UK Open University’s postgraduate course on Information Security. He is a consultant to companies including Cisco. He regularly blogs on IT security issues at http://alancalder.blogspot.com/.
IT Governance Ltd (ITGL) is a leading authority on data security and IT governance for business and the public sector. It is the world’s most comprehensive publisher of and distributor for information, advice, guidance, books and tools for Governance, Risk Management and Compliance. ITGL is ‘non-geek’: it approaches IT issues from a non-technology background and talks to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
# # #
|
