The UCISA Information Security Management Toolkit has been constructed for use by information security/governance professionals wishing to put in place an ISMS in their organisation. It also addresses how to convey the importance of information security to the organisation, since the need for an ISMS is based upon the acceptance that information security is worth investing in. This edition of the Toolkit outlines an approach to successfully implement an ISMS based on ISO/IEC 27001:2013 (Information technology — Security techniques — Information security management systems — Requirements). It is intended as a practical resource, providing an overview of the key aspects of a successful ISMS and guidance on how to implement them. It also includes case studies, as well as templates and example resources which organisations can tailor to suit their needs.
A high quality printed copy of this publication is available to purchase