The UCISA Information Security Management Toolkit has been constructed for use by information security/governance professionals wishing to put in place an ISMS in their organisation. It also addresses how to convey the importance of information security to the organisation, since the need for an ISMS is based upon the acceptance that information security is worth investing in. This edition of the Toolkit outlines an approach to successfully implement an ISMS based on ISO/IEC 27001:2013 (Information technology — Security techniques — Information security management systems — Requirements). It is intended as a practical resource, providing an overview of the key aspects of a successful ISMS and guidance on how to implement them. It also includes case studies, as well as templates and example resources which organisations can tailor to suit their needs.
The UCISA Information Security Management Toolkit will:
Copyright and disclaimer
Update: UCISA’s mailing list on information security is open to HE and FE institutions, and to other not-for-profit organisations. The aim of the list is to help colleagues who are addressing information security management challenges in their institutions (and who may not be from the IT function, such as information managers, and to help people who are implementing an information security management system using the new UCISA Information Security Management Toolkit.